[WIP] Add default pagination limits for list endpoints

[Copilot]

Thanks for assigning this issue to me. I'm starting to work on it and will keep this PR's description up to date as I form a plan and make progress.

Original prompt

---

This section details on the original issue you should resolve

<issue_title>[API] Implement Default Pagination Limits for List Endpoints</issue_title>
<issue_description>## 📊 Priority: LOW - Nice to Have

Background

The workflow and store list endpoints support pagination via limit and offset query parameters, but do not enforce default limits when these parameters are omitted. This could lead to performance issues if the database grows large, as clients might unintentionally request thousands of records.

Current Implementation - No Default Limits

// backend/src/api/services/WorkflowService.js (line 28)
export async function getAllWorkflows(options = {}) {
  let workflows = await db.getAllWorkflows();
  
  // ... filtering logic ...
  
  const total = workflows.length;
  
  // Pagination - but no default limit if options.limit is undefined!
  if (options.limit !== undefined) {
    workflows = workflows.slice(
      options.offset || 0,
      (options.offset || 0) + options.limit
    );
  }
  
  return { workflows, total };
}

Problems Without Default Limits

1. Memory Consumption: Loading 10,000+ workflows into memory at once
2. Network Overhead: Large JSON responses slow down clients
3. Client Performance: Browsers struggle rendering huge lists
4. API Abuse: Easy to accidentally or maliciously request all data

Real-World Scenario

// Client makes request without pagination
GET /api/workflows
// Response: All 5,000 workflows (10MB+ JSON)

// Better: Response limited to 50 workflows by default
GET /api/workflows
// Response: First 50 workflows with total count

// Client explicitly requests more
GET /api/workflows?limit=100&offset=50
// Response: Next 100 workflows

Recommended Solution

Part 1: Define Pagination Constants

// backend/src/config/pagination.js (NEW FILE)
export const PAGINATION = {
  // Default number of items returned if no limit specified
  DEFAULT_LIMIT: 50,
  
  // Maximum number of items that can be requested
  MAX_LIMIT: 1000,
  
  // Minimum limit value
  MIN_LIMIT: 1,
  
  // Maximum offset value (prevent deep pagination attacks)
  MAX_OFFSET: 10000
};

/**
 * Normalize pagination options with defaults and limits
 */
export function normalizePaginationOptions(query = {}) {
  const limit = query.limit !== undefined 
    ? Math.min(Math.max(parseInt(query.limit), PAGINATION.MIN_LIMIT), PAGINATION.MAX_LIMIT)
    : PAGINATION.DEFAULT_LIMIT;
  
  const offset = query.offset !== undefined
    ? Math.min(Math.max(parseInt(query.offset), 0), PAGINATION.MAX_OFFSET)
    : 0;
  
  return { limit, offset };
}

/**
 * Create pagination metadata for response
 */
export function createPaginationMeta(offset, limit, total) {
  const currentPage = Math.floor(offset / limit) + 1;
  const totalPages = Math.ceil(total / limit);
  const hasMore = offset + limit < total;
  
  return {
    offset,
    limit,
    total,
    currentPage,
    totalPages,
    hasMore,
    nextOffset: hasMore ? offset + limit : null,
    prevOffset: offset > 0 ? Math.max(0, offset - limit) : null
  };
}

Part 2: Update WorkflowService

// backend/src/api/services/WorkflowService.js
import { PAGINATION, normalizePaginationOptions, createPaginationMeta } from '../../config/pagination.js';

export async function getAllWorkflows(options = {}) {
  let workflows = await db.getAllWorkflows();
  
  // ... existing filtering logic ...
  
  const total = workflows.length;
  
  // Apply pagination with defaults
  const { limit, offset } = normalizePaginationOptions(options);
  
  workflows = workflows.slice(offset, offset + limit);
  
  // Create pagination metadata
  const pagination = createPaginationMeta(offset, limit, total);
  
  return { 
    workflows, 
    total,
    pagination // Include metadata in response
  };
}

Part 3: Update StoreService

// backend/src/api/services/StoreService.js
import { normalizePaginationOptions, createPaginationMeta } from '../../config/pagination.js';

export async function getStoreSessions(options = {}) {
  let sessions = await db.getAllSessions();
  
  const total = sessions.length;
  
  // Apply pagination with defaults
  const { limit, offset } = normalizePaginationOptions(options);
  
  sessions = sessions.slice(offset, offset + limit);
  
  const pagination = createPaginationMeta(offset, limit, total);
  
  return { sessions, total, pagination };
}

Part 4: Update API Response Format

// backend/src/api/controllers/WorkflowController.js
export const getAllWorkflows = asyncHandler(async (req, res) => {
  const options = {
    limit: req.query.limit,
    offset: req.query.offset,
    tags: req.query.tags,
    author: req.query.author
  };
  
  const result = await WorkflowService.getAllWorkflows(options);
  
  res.json({
    success: true,
    data: {
      workflows: result.workflows,
      total: result.total,
      pagi...

</details>

- Fixes clduab11/gemini-flow#82

<!-- START COPILOT CODING AGENT TIPS -->
---

💬 We'd love your input! Share your thoughts on Copilot coding agent in our [2 minute survey](https://gh.io/copilot-coding-agent-survey).

[coderabbitai]

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}