feat: Space Booking System - MVP complet

Sistem web pentru rezervarea de birouri și săli de ședință
cu flux de aprobare administrativă.

Stack: FastAPI + Vue.js 3 + SQLite + TypeScript

Features implementate:
- Autentificare JWT + Self-registration cu email verification
- CRUD Spații, Utilizatori, Settings (Admin)
- Calendar interactiv (FullCalendar) cu drag-and-drop
- Creare rezervări cu validare (durată, program, overlap, max/zi)
- Rezervări recurente (săptămânal)
- Admin: aprobare/respingere/anulare cereri
- Admin: creare directă rezervări (bypass approval)
- Admin: editare orice rezervare
- User: editare/anulare rezervări proprii
- Notificări in-app (bell icon + dropdown)
- Notificări email (async SMTP cu BackgroundTasks)
- Jurnal acțiuni administrative (audit log)
- Rapoarte avansate (utilizare, top users, approval rate)
- Șabloane rezervări (booking templates)
- Atașamente fișiere (upload/download)
- Conflict warnings (verificare disponibilitate real-time)
- Integrare Google Calendar (OAuth2)
- Suport timezone (UTC storage + user preference)
- 225+ teste backend

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

backend/app/api/notifications.py

@@ -0,0 +1,67 @@
+"""Notifications API endpoints."""
+from typing import Annotated, Optional
+
+from fastapi import APIRouter, Depends, HTTPException, Query, status
+from sqlalchemy.orm import Session
+
+from app.core.deps import get_current_user, get_db
+from app.models.notification import Notification
+from app.models.user import User
+from app.schemas.notification import NotificationRead
+
+router = APIRouter(prefix="/notifications", tags=["notifications"])
+
+
+@router.get("", response_model=list[NotificationRead])
+def get_notifications(
+    db: Annotated[Session, Depends(get_db)],
+    current_user: Annotated[User, Depends(get_current_user)],
+    is_read: Optional[bool] = Query(None, description="Filter by read status"),
+) -> list[Notification]:
+    """
+    Get notifications for the current user.
+
+    Optional filter by read status (true/false/all).
+    Returns notifications ordered by created_at DESC.
+    """
+    query = db.query(Notification).filter(Notification.user_id == current_user.id)
+
+    if is_read is not None:
+        query = query.filter(Notification.is_read == is_read)
+
+    notifications = query.order_by(Notification.created_at.desc()).all()
+    return notifications
+
+
+@router.put("/{notification_id}/read", response_model=NotificationRead)
+def mark_notification_as_read(
+    notification_id: int,
+    db: Annotated[Session, Depends(get_db)],
+    current_user: Annotated[User, Depends(get_current_user)],
+) -> Notification:
+    """
+    Mark a notification as read.
+
+    Verifies the notification belongs to the current user.
+    """
+    notification = (
+        db.query(Notification).filter(Notification.id == notification_id).first()
+    )
+
+    if not notification:
+        raise HTTPException(
+            status_code=status.HTTP_404_NOT_FOUND,
+            detail="Notification not found",
+        )
+
+    if notification.user_id != current_user.id:
+        raise HTTPException(
+            status_code=status.HTTP_403_FORBIDDEN,
+            detail="You can only mark your own notifications as read",
+        )
+
+    notification.is_read = True
+    db.commit()
+    db.refresh(notification)
+
+    return notification