How to handle filtering in Node.js APIs
Łukasz Holeczek
Follow Łukasz Holeczek on GitHub
Connect with Łukasz Holeczek on LinkedIn
Follow Łukasz Holeczek on X (Twitter)
Implementing filtering allows users to search and narrow down results in Node.js APIs, essential for data-heavy applications. As the creator of CoreUI with over 11 years of Node.js development experience since 2014, I’ve built robust filtering systems for enterprise APIs. The most effective solution is to accept filter criteria as query parameters and build dynamic where clauses for database queries. This approach provides flexibility while maintaining performance and security.
Use query parameters to implement filtering in Node.js APIs.
const express = require('express')
const { User, Op } = require('./models')
const app = express()
app.get('/api/users', async (req, res) => {
const { search, status, role } = req.query
const where = {}
if (search) {
where[Op.or] = [
{ name: { [Op.like]: `%${search}%` } },
{ email: { [Op.like]: `%${search}%` } }
]
}
if (status) {
where.status = status
}
if (role) {
where.role = role
}
const users = await User.findAll({ where })
res.json(users)
})
The API accepts multiple query parameters for different filter criteria. A where object is built dynamically based on provided parameters. The search parameter uses Sequelize’s Op.like operator to perform partial matching across multiple fields. Exact match filters like status and role are added directly to the where clause. Only provided parameters are included in the query, allowing flexible combinations of filters.
Best Practice Note
This is the same filtering pattern we use in CoreUI backend APIs for search functionality. Always sanitize filter values to prevent SQL injection, and consider using prepared statements or ORM parameter binding. For better performance with large datasets, add database indexes on frequently filtered columns and implement query result caching for common filter combinations.
