Description:
Currently, list endpoints may expose explicit pagination parameters (like page=2 or offset=10), which allows users to easily scrape the database or guess the data structure.
We need to analyze and implement a pagination class that masks the request parameters (e.g., CursorPagination or equivalent, depending on the framework). This class uses an encoded pointer/token, hiding the actual offsets and preventing data duplication during frequent updates.
Tasks:
Analyze and select the most secure pagination class that hides explicit request parameters.
Configure this pagination class globally in the project settings.
Set a strict default limit of 6 objects per page.
Acceptance Criteria (Definition of Done):
[ ] Pagination is applied automatically to all list endpoints (unless overridden manually).
[ ] Next/Previous page URLs do NOT contain explicit parameters (like ?page=2). They use secure, encoded tokens (e.g., cursors) instead.
[ ] A maximum of 6 objects is returned per request.
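Added example, not code from this project: a framework-agnostic sketch of the cursor scheme the ticket asks for, with a keyset position wrapped in an HMAC-signed token and a hard page size of 6. The names (`SECRET`, `ROWS`, `encode_cursor`, `decode_cursor`, `list_page`) and the signing step are assumptions made for illustration; signing is included because an encoded cursor alone is readable and editable by the client.

```python
import base64, hashlib, hmac, json

PAGE_SIZE = 6                      # the ticket's strict per-page limit
SECRET = b"constructed-demo-key"   # assumption: server-side secret, constructed here

# Constructed sample data: 15 rows ordered by a unique, increasing id.
ROWS = [{"id": i, "name": f"item-{i}"} for i in range(1, 16)]

def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def _unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def encode_cursor(last_id: int) -> str:
    """Opaque token: base64(payload) + "." + base64(HMAC-SHA256(payload))."""
    payload = json.dumps({"after": last_id}).encode()
    tag = hmac.new(SECRET, payload, hashlib.sha256).digest()
    return _b64(payload) + "." + _b64(tag)

def decode_cursor(token: str) -> int:
    """Return the position in the token, or raise ValueError if it was altered."""
    try:
        body, tag = token.split(".")
        payload = _unb64(body)
        expected = hmac.new(SECRET, payload, hashlib.sha256).digest()
        if not hmac.compare_digest(expected, _unb64(tag)):
            raise ValueError("bad signature")
        return int(json.loads(payload)["after"])
    except (ValueError, KeyError, TypeError) as exc:
        raise ValueError("invalid cursor") from exc

def list_page(rows, cursor=None):
    """Return at most PAGE_SIZE rows after the cursor, plus the next cursor."""
    after = decode_cursor(cursor) if cursor else 0
    # Keyset filter ("id > after") instead of an offset: rows inserted or
    # deleted before the cursor do not shift or duplicate later pages.
    ordered = sorted(rows, key=lambda r: r["id"])
    window = [r for r in ordered if r["id"] > after][:PAGE_SIZE + 1]
    page = window[:PAGE_SIZE]
    more = len(window) > PAGE_SIZE
    return {"results": page, "next": encode_cursor(page[-1]["id"]) if more else None}
```

A client-supplied page size is never read, so the limit of 6 cannot be raised from the request, and a cursor that fails verification is rejected instead of being interpreted as a position.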