tag/v2.1.0/backend/routes/notifications.js

// Notifications route — in-app notification management for users
// Provides unread notifications, counts, and mark-as-read operations.

const express = require('express');
const pool = require('../db');
const { requireAuth } = require('../middleware/auth');

function createNotificationsRouter() {
    const router = express.Router();

    // All routes require authentication
    router.use(requireAuth());

    /**
     * GET /api/notifications
     * Returns unread notifications for the current user, ordered by newest first.
     * Limited to 50 results.
     */
    router.get('/', async (req, res) => {
        try {
            const { rows } = await pool.query(
                `SELECT id, type, title, message, issue_number, read, created_at
                 FROM notifications
                 WHERE username = $1 AND read = FALSE
                 ORDER BY created_at DESC
                 LIMIT 50`,
                [req.user.username]
            );
            res.json(rows);
        } catch (err) {
            console.error('[Notifications] Error fetching notifications:', err.message);
            res.status(500).json({ error: 'Failed to fetch notifications' });
        }
    });

    /**
     * GET /api/notifications/count
     * Returns the unread notification count for the current user (for badge display).
     */
    router.get('/count', async (req, res) => {
        try {
            const { rows } = await pool.query(
                `SELECT COUNT(*)::int AS unread
                 FROM notifications
                 WHERE username = $1 AND read = FALSE`,
                [req.user.username]
            );
            res.json({ unread: rows[0].unread });
        } catch (err) {
            console.error('[Notifications] Error fetching count:', err.message);
            res.status(500).json({ error: 'Failed to fetch notification count' });
        }
    });

    /**
     * PATCH /api/notifications/:id/read
     * Marks a single notification as read. Only the owning user can mark their own.
     */
    router.patch('/:id/read', async (req, res) => {
        const { id } = req.params;
        try {
            const result = await pool.query(
                `UPDATE notifications SET read = TRUE
                 WHERE id = $1 AND username = $2`,
                [id, req.user.username]
            );
            if (result.rowCount === 0) {
                return res.status(404).json({ error: 'Notification not found' });
            }
            res.json({ status: 'ok' });
        } catch (err) {
            console.error('[Notifications] Error marking read:', err.message);
            res.status(500).json({ error: 'Failed to mark notification as read' });
        }
    });

    /**
     * POST /api/notifications/read-all
     * Marks all notifications as read for the current user.
     */
    router.post('/read-all', async (req, res) => {
        try {
            const result = await pool.query(
                `UPDATE notifications SET read = TRUE
                 WHERE username = $1 AND read = FALSE`,
                [req.user.username]
            );
            res.json({ status: 'ok', marked: result.rowCount });
        } catch (err) {
            console.error('[Notifications] Error marking all read:', err.message);
            res.status(500).json({ error: 'Failed to mark notifications as read' });
        }
    });

    return router;
}

module.exports = createNotificationsRouter;
Replace Webex bot with in-app notification system Org blocks external Webex bots, so replaced the DM approach with an in-app notification bell. GitLab webhook still fires on issue close, but now writes to a notifications table instead of calling Webex API. - New: notifications table + migration - New: GET/PATCH/POST /api/notifications endpoints - New: NotificationBell component (bell icon + badge + dropdown) - Removed: backend/helpers/webexBot.js (org-blocked) - Removed: WEBEX_BOT_TOKEN from .env 2026-05-18 17:15:05 -06:00			`// Notifications route — in-app notification management for users`
			`// Provides unread notifications, counts, and mark-as-read operations.`

			`const express = require('express');`
			`const pool = require('../db');`
			`const { requireAuth } = require('../middleware/auth');`

			`function createNotificationsRouter() {`
			`const router = express.Router();`

			`// All routes require authentication`
			`router.use(requireAuth());`

			`/**`
			`* GET /api/notifications`
			`* Returns unread notifications for the current user, ordered by newest first.`
			`* Limited to 50 results.`
			`*/`
			`router.get('/', async (req, res) => {`
			`try {`
			`const { rows } = await pool.query(`
			`SELECT id, type, title, message, issue_number, read, created_at
			`FROM notifications`
			`WHERE username = $1 AND read = FALSE`
			`ORDER BY created_at DESC`
			LIMIT 50`,
			`[req.user.username]`
			`);`
			`res.json(rows);`
			`} catch (err) {`
			`console.error('[Notifications] Error fetching notifications:', err.message);`
			`res.status(500).json({ error: 'Failed to fetch notifications' });`
			`}`
			`});`

			`/**`
			`* GET /api/notifications/count`
			`* Returns the unread notification count for the current user (for badge display).`
			`*/`
			`router.get('/count', async (req, res) => {`
			`try {`
			`const { rows } = await pool.query(`
			`SELECT COUNT(*)::int AS unread
			`FROM notifications`
			WHERE username = $1 AND read = FALSE`,
			`[req.user.username]`
			`);`
			`res.json({ unread: rows[0].unread });`
			`} catch (err) {`
			`console.error('[Notifications] Error fetching count:', err.message);`
			`res.status(500).json({ error: 'Failed to fetch notification count' });`
			`}`
			`});`

			`/**`
			`* PATCH /api/notifications/:id/read`
			`* Marks a single notification as read. Only the owning user can mark their own.`
			`*/`
			`router.patch('/:id/read', async (req, res) => {`
			`const { id } = req.params;`
			`try {`
			`const result = await pool.query(`
			`UPDATE notifications SET read = TRUE
			WHERE id = $1 AND username = $2`,
			`[id, req.user.username]`
			`);`
			`if (result.rowCount === 0) {`
			`return res.status(404).json({ error: 'Notification not found' });`
			`}`
			`res.json({ status: 'ok' });`
			`} catch (err) {`
			`console.error('[Notifications] Error marking read:', err.message);`
			`res.status(500).json({ error: 'Failed to mark notification as read' });`
			`}`
			`});`

			`/**`
			`* POST /api/notifications/read-all`
			`* Marks all notifications as read for the current user.`
			`*/`
			`router.post('/read-all', async (req, res) => {`
			`try {`
			`const result = await pool.query(`
			`UPDATE notifications SET read = TRUE
			WHERE username = $1 AND read = FALSE`,
			`[req.user.username]`
			`);`
			`res.json({ status: 'ok', marked: result.rowCount });`
			`} catch (err) {`
			`console.error('[Notifications] Error marking all read:', err.message);`
			`res.status(500).json({ error: 'Failed to mark notifications as read' });`
			`}`
			`});`

			`return router;`
			`}`

			`module.exports = createNotificationsRouter;`