Blog Search and Filtering Endpoint #6
Description
Description
Develop an API endpoint to allow visitors to search and filter through blog content on the site without authentication, providing quick access to relevant articles and information.
Acceptance Criteria
- The endpoint allows searching blog posts by title, excerpt, and author and returns a paginated result.
- The endpoint supports filtering blog posts by publish date range.
- The endpoint supports sorting blog posts by publish date in ascending or descending order.
- The endpoint does not require authentication.
- The endpoint returns a
200 OKstatus code and the correct response body when data is fetched successfully. - The endpoint returns an appropriate error message when an error occurs.
Requirements
- Implement API endpoint for searching and filtering blog posts.
- Allow searching by title, excerpt, and author.
- Implement filtering by publish date range.
- Support sorting by publish date in ascending or descending order.
- Handle unexpected errors and return the appropriate status code.
- Implement pagination to manage the number of results returned in a single response.
- Implement server-side validation and sanitization of user input to prevent injection attacks and ensure data integrity.
- Ensure the endpoint does not require authentication.
Expected Outcome
- Visitors should be able to send a request to the backend to search and filter blog posts.
- Visitors should receive appropriate status codes and responses based on the outcome of the request.
Endpoints
[GET] /api/v1/blogs/search
-
Description: Provides a paginated list of blog posts based on search and filter criteria.
-
Query Parameters:
q: The search query to match against title, excerpt, and author. (Optional)start_date: The start date for filtering blog posts by publish date. Format:YYYY-MM-DD. (Optional)end_date: The end date for filtering blog posts by publish date. Format:YYYY-MM-DD. (Optional)sort: The order to sort blog posts by publish date. Values:asc(ascending),desc(descending). Default isdesc. (Optional)page: The page number to retrieve. Default is1. (Optional)page_size: The number of blog posts per page. Default is10. (Optional)
-
Success Response:
-
Status:
200 OK -
Body:
{ "count": 100, "next": "http://example.com/v1/api/blogs/search?q=python&start_date=2024-01-01&end_date=2024-12-31&sort=asc&page=2&page_size=10", "previous": null, "results": [ { "title": "Blog Post Title", "excerpt": "Short excerpt of the blog post...", "publish_date": "2024-07-17T00:00:00Z", "author": "Author Name" }, ] }
-
-
Error Response:
-
Status:
500 Internal Server Error -
Body:
{ "error": "Internal server error." }
-
-
Invalid Method Response:
-
Status:
405 Method Not Allowed -
Body:
{ "error": "This method is not allowed." }
-
-
Bad Request Response:
-
Status:
400 Bad Request -
Body:
{ "error": "An invalid request was sent." }
-
Testing
Test Scenarios
-
Successful Search and Filter of Blog Posts
- Ensure that the endpoint successfully searches and filters blog posts based on the query parameters.
- Verify that the response includes the total count, next and previous page URLs, and the results with title, excerpt, publish date, and author for each blog post.
- Confirm that the status code is
200 OK.
-
No Blog Posts Found
- Simulate a scenario where no blog posts match the search or filter criteria.
- Confirm that the response body contains an empty list.
-
Internal Server Error
- Simulate an internal server error to raise an exception.
- Verify that the endpoint returns a
500 Internal Server Errorstatus code. - Confirm that the response body contains an appropriate error message.
-
Invalid Query Parameters
- Send requests with invalid query parameters (e.g., incorrect date format).
- Validate the input of the entered query.
- Verify that the endpoint returns a
400 Bad Requeststatus code. - Confirm that the response body contains an appropriate error message.
-
Invalid Method
- Send a request using an invalid HTTP method (e.g., POST) to the endpoint.
- Verify that the endpoint returns a
405 Method Not Allowedstatus code.