Shortlinks allow users to earn tokens by solving links from third-party URL shortener services (e.g., Shorte.st, Ouo.io).
- Config Params: Name, API URL (
{url}), API Token, Reward Amount, Daily Limit. - API Integration: The system generates a unique verification URL (
/shortlinks/verify/{token}) and sends it to the provider's API to get a shortened link.
- Selection: User sees available shortlinks (filtered by daily limit IP/User checks).
- Generation: System generates a unique, single-use
tokenand creates ashortlink_session(valid for 1 hour). - Redirection: User is sent to the Provider's Short URL.
- Verification: After solving the captcha/ads, the Provider redirects the user back to the verification URL with the token.
- Reward: Logic validates the token, ensures it hasn't expired, and credits the user.
-
Session Tokens:
- Cryptographically random 16-byte hex tokens.
- Single-use: Deleted immediately upon verification (Atomic Transaction).
- Bound to User ID and IP Address.
-
Strict Limits:
- Daily Limit: Enforced per Link ID.
- Cross-Account Check: Checks if the IP Address has already claimed the link today, preventing multi-accounting on the same WiFi.
-
Atomic Verification:
DELETE ... RETURNINGpattern ensures a token can strictly be used once, even with concurrent requests.
- Service:
lib/services/shortlinks.ts - Models:
shortlinks,shortlink_claims,shortlink_sessions. - API:
/api/shortlinks/verify/[token]