Invoice link that can be set to expire

[mzneu]

Hi,
Still self-hosting v4 of Invoiceninja in Docker. Invoiceninja allows the user to email a link to a client allowing the client to view/download/print an invoice after entering a password. I know deleting the invoice will cause this link to expire/malfunction. Is there any way to either set an expiration date for the link (and perhaps a maximum number of allowed views of the invoice), or at least be able to generate a list of active links and disable them individually/manually without actually deleting the invoice?
If there's anyone that is interested and capable of making the above modifications to the source code for me, please let me know the cost.
Thank you.

[kbftech]

I'm wondering if someone having access to an old magic link could get into a customer's portal and change his password. It also gives that user the ability to view all the customer's information on file, which is kind of a big deal imo. Am I missing something?

From a test I just did with a fake customer, you can get into the customer's portal and change the password using a magic link. This looks like a bug more than a feature to me. Also kind of a big security threat.