Is this, more or less, what you are looking for?
Please consider this an early alpha preview, that will most definetly clutter the * peep * out of your log.
npm i nodebb-plugin-expiring-uploads
I've taken the liberty to replace the md5- with xx-hashs. MD5 is outdated since years and quite verbose (aa1469dd64687462ee30378e14d34105 vs. 6edebbb6).
The outcoming url is of the form:
The seed of xxhash is the first part (up to the first
- ) of your nodeBB's secret (config.json).
On the HDD, files are stored in
/nodeBB/expiring_uploads/ as opposed to
/nodeBB/public/uploads/files/, since everything in
/public/ could be guessed, as all of its contents seem to be blindly exposed to the clients. Please note, that my lazily hardcoding the
/ could make this plugin fail on Windows. I'll change that, or at least check whether the NodeBB core takes care of it.
The created links are routed, but you can't actually download the file, yet.
The plugin hook (filter:uploadFile) is pretty needy - or powerful; depending on your point of view. Anyway, it breaks out of (returns from) the core function, handling uploads, as early as it can get. Meaning, that the plugin has to handle everything like allowed filetypes, -sizes and such. I assume, that you e.g. don't want to have uploaded pictures expire. It's in there, but only rudimentarily, for now. That's why I haven't started the ACP part of it, yet.
In the end the plugin will surely have an option to choose, but for starters: What's your preference, the least setup effort for you? Would you rather define filetypes which should be expiring or those who should not?
Another aproach would be to add a second "Expiring Upload" button to the composer. This way the built-in button would follow the general setup (e.g. allowed filetypes images) and the added button would only accept .zip, .gz, .pdf, what have you.