office of arts

I'm looking for a very basic way to generate something similar to the one-time password recovery link, but for a different application. Currently, I have a rule config'd so that when I add a particular role to a user, a notification is dispatched to the user with a link that allows them to create a new content-type on the site. The problem is that I don't want this static link to be lingering out there for users to be able to pass around and keep regenerating said content-types. I want this link to contain some sort of token that will expire within, say, 24 hrs. It doesn't have to be incredibly elaborate. It's mostly a deterrent to prevent the static link from being abused. I was thinking I could set some kind of server-side cookie that expires in 24 hrs, which would contain a random generated string. Then I could just do something like http://www.mysite.com/?q=path-to-create … amp;token=[some-random-value-that-expires], but I don't even know where to start.

Any help is much appreciated!