I Built My Own URL Shortener Because Bit.ly Charges for Custom Aliases
TL;DR: Bit.ly puts custom short links behind a paywall. So I built URLzap — a production-ready URL shortener with custom aliases, expiry, QR codes, click analytics, and JWT auth. It's live, free to use, and fully open source.
The Problem
I was sharing links to my side projects — Monitorly, my portfolio, GitHub repos — and wanted clean, memorable short URLs like urlzap.me/pulsewatch instead of a random string of characters.
Bit.ly's answer? Pay for a premium plan.
I'm a B.Tech student. I'm not paying $35/month to shorten my own links. So I did what any developer would do — I spent a weekend building it myself.
What is URLzap?
URLzap is a full-featured URL shortener built with Node.js, Express.js, MongoDB, and Azure. It's not just a redirect service — it has features I actually use daily.
Live: urlzap.me
GitHub: github.com/vbv0507/url-shortener
Features
1. Custom Aliases
The whole reason I built this. Instead of urlzap.me/xK92mP, I can create urlzap.me/pulsewatch for my Monitorly project. Clean, memorable, and free.
2. Link Expiry
Set an expiry date on any link. After that date, the link auto-deactivates. Useful for time-limited campaign links or sharing temporary access.
3. QR Code Generation
Every short link automatically generates a QR code. Handy for sharing links in presentations, README files, or anywhere you want a scannable format.
4. Click Analytics Dashboard
A per-link dashboard showing total clicks over time. You can see which links are getting traffic and when. Simple but genuinely useful for tracking your own projects.
5. JWT Authentication
All endpoints are secured with JWT. Each user only sees and manages their own links — no leaking between accounts.
6. Rate Limiting + Input Validation
Backend-level rate limiting to prevent abuse, and full input validation on all endpoints. Not an afterthought — built in from the start.
Tech Stack
| Layer | Technology |
|---|---|
| Runtime | Node.js |
| Framework | Express.js |
| Database | MongoDB + Mongoose |
| Auth | JWT (jsonwebtoken) |
| QR Codes | qrcode npm package |
| Deployment | Azure App Service |
| CI/CD | GitHub Actions |
How It Works — The Core Flow
Shortening a URL
// POST /api/links
// Creates a short link with optional custom alias and expiry
router.post('/', authenticate, async (req, res) => {
const { originalUrl, customAlias, expiresAt } = req.body;
// Check if alias is already taken
const existing = await Link.findOne({ shortCode: customAlias });
if (existing) return res.status(409).json({ error: 'Alias already taken' });
const shortCode = customAlias || generateRandomCode(6);
const link = await Link.create({
originalUrl,
shortCode,
userId: req.user.id,
expiresAt: expiresAt || null,
clicks: 0
});
res.json({ shortUrl: `https://urlzap.me/${shortCode}`, link });
});
Redirecting + Tracking Clicks
// GET /:shortCode
// Looks up the link, checks expiry, redirects, and logs the click
router.get('/:shortCode', async (req, res) => {
const link = await Link.findOne({ shortCode: req.params.shortCode });
if (!link) return res.status(404).send('Link not found');
// Check expiry
if (link.expiresAt && new Date() > link.expiresAt) {
return res.status(410).send('This link has expired');
}
// Log click and redirect
await Link.findByIdAndUpdate(link._id, { $inc: { clicks: 1 } });
res.redirect(link.originalUrl);
});
QR Code Generation
// GET /api/links/:id/qr
// Returns a QR code as a PNG data URL
const QRCode = require('qrcode');
router.get('/:id/qr', authenticate, async (req, res) => {
const link = await Link.findById(req.params.id);
const qrDataUrl = await QRCode.toDataURL(`https://urlzap.me/${link.shortCode}`);
res.json({ qr: qrDataUrl });
});
MongoDB Schema
const linkSchema = new mongoose.Schema({
originalUrl: { type: String, required: true },
shortCode: { type: String, required: true, unique: true },
userId: { type: mongoose.Schema.Types.ObjectId, ref: 'User' },
clicks: { type: Number, default: 0 },
expiresAt: { type: Date, default: null },
createdAt: { type: Date, default: Date.now }
});
// Index for fast lookups on every redirect
linkSchema.index({ shortCode: 1 });
The shortCode index is important — every redirect hits this lookup, so it needs to be fast even at scale.
Deployment on Azure
The app runs on Azure App Service (Central India region) with GitHub Actions CI/CD. Every push to main triggers an automatic deploy — no manual steps.
# .github/workflows/deploy.yml (simplified)
- name: Deploy to Azure Web App
uses: azure/webapps-deploy@v2
with:
app-name: 'urlzap'
publish-profile: ${{ secrets.AZURE_PUBLISH_PROFILE }}
package: .
This means I can push a fix and it's live in under 2 minutes.
What I Learned Building This
1. Indexes matter more than you think.
Before adding the shortCode index, redirects were doing a full collection scan. After adding it, lookup time dropped dramatically. Always index fields you query frequently.
2. Input validation is not optional.
I got lazy on validation early on and had to go back and add it everywhere. Build it in from day one — middleware-based validation keeps it clean.
3. Expiry logic is tricky at scale.
I handle expiry on every redirect request right now. At scale, a background cron job that deactivates expired links periodically is a better pattern.
4. Rate limiting saves you from yourself.
Without rate limiting, a single script could hammer your redirect endpoint and spike your Azure costs. Add it early.
What's Next
- [ ] Custom domain support (bring your own domain)
- [ ] Link groups / folders for organisation
- [ ] API access with API keys (not just JWT)
- [ ] Detailed analytics (referrer, country, device)
Try It / Use the Code
Live: urlzap.me
GitHub: github.com/vbv0507/url-shortener
If you're tired of paying for custom short links, fork it, self-host it, or just use URLzap directly.
Happy to answer questions about any part of the build in the comments.
Also building: Monitorly — an API uptime monitoring platform. Check it out if you want to monitor your own endpoints.
Tags: #node #javascript #webdev #showdev
Top comments (0)