Skip to content

Feature: Implement secure global pagination (Max 6 items per page) #48

Description

@devsmish

Description:
Currently, list endpoints may expose explicit pagination parameters (like page=2 or offset=10), which allows users to easily scrape the database or guess the data structure.

We need to analyze and implement a pagination class that masks the request parameters (e.g., CursorPagination or equivalent, depending on the framework). This class uses an encoded pointer/token, hiding the actual offsets and preventing data duplication during frequent updates.

Tasks:

Analyze and select the most secure pagination class that hides explicit request parameters.

Configure this pagination class globally in the project settings.

Set a strict default limit of 6 objects per page.

Acceptance Criteria (Definition of Done):

[ ] Pagination is applied automatically to all list endpoints (unless overridden manually).

[ ] Next/Previous page URLs do NOT contain explicit parameters (like ?page=2). They use secure, encoded tokens (e.g., cursors) instead.

[ ] A maximum of 6 objects is returned per request.

Metadata

Metadata

Assignees

Labels

enhancementNew feature or request

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions