Building a Production-Grade URL Shortener: Architecture, Metrics, and Motivation
#SYSTEM DESIGNMar 09, 20268 min read

Building a Production-Grade URL Shortener: Architecture, Metrics, and Motivation

The Motivation

Have you ever wondered how services like Bitly or TinyURL handle millions of redirects with near-zero latency? I set out to build a production-grade URL Shortener platform to solve high-throughput challenges: unique ID generation, scalable database access, and sub-50ms redirect paths.

Long URLs are unwieldy. They break in emails, look messy in social posts, and are hard to remember. A URL shortener creates a clean interface while also enabling analytics: who clicked, when, and from where.

The goal was to build a system that not only works, but is structurally sound for horizontal scaling, stateless authentication, and fast lookups.

Code Space

3.52 Trillion

Redirect Latency

< 50ms

Code Generation

< 1ms

Architecture

4-Layer N-Tier

Technology Stack

  • Backend: Node.js and Express.js
  • Database and ORM: Drizzle ORM + SQLite (migrated from PostgreSQL)
  • Authentication: Stateless JWT + bcryptjs
  • Validation: Zod schema validation
  • Frontend: React (Vite) + Tailwind CSS

A Look at the Platform

URL Shortener login screen
Authentication screen for secure access.
URL Shortener dashboard
Dashboard for shortening, tracking, and link management.

High-Level System Architecture

Transport/Routing Layer: HTTP handling, CORS setup, and endpoint mapping.
Controller Layer: request parsing, strict validation with Zod, and response shaping.
Service Layer: core business logic (NanoID generation, retries, hashing, orchestration).
Data Access Layer: Drizzle ORM for secure and structured persistence operations.

Core Engineering Decisions and Metrics

1) Retry Pattern for Collision Resistance

Short codes are generated with a 7-character NanoID from a 62-character alphabet (~3.52 trillion combinations).

On uniqueness conflict, a retry loop regenerates the code up to 5 attempts to maintain reliability.

Metric: Generation latency under 1ms, with near-zero collision failure rate.

2) Indexed Lookups with B-Tree

The redirection endpoint is the critical performance path. A B-Tree index on short_code avoids O(N) scans as data grows.

This keeps lookup time stable and protects redirect performance under increasing traffic.

Metric: End-to-end redirect latency under 50ms.

3) Asynchronous Write-Behind Analytics

Click analytics updates are dispatched asynchronously so redirects return immediately without waiting for database writes.

This preserves user-perceived speed while still recording engagement data in the background.

Metric: Analytics adds near-zero perceived redirect latency.

4) Stateless Authentication

JWT-based stateless auth avoids centralized session bottlenecks.

Any backend node can verify requests, enabling cleaner horizontal scale-out.

Final Thoughts

Building this URL shortener was a deep architecture exercise. The migration from Docker PostgreSQL to SQLite proved how resilient layered design can be: data-engine changes were isolated without rewriting core business logic. The result is a fast, robust platform ready for real-world usage.