The real need is to block users to send any link they want into the /d/ endpoint. And we can do it using little encryption. So I think this issue can be closed. I will open a new issue for encrypting /download urls.
We can use a simple PRIVATE_KEY on the server to encrypt the urls and then further decrypt them back.
https://github.com/aviaryan/youtube-mp3-server/issues/17#issuecomment-238521123
We can use a simple PRIVATE_KEY on the server to encrypt the urls and then further decrypt them back.