# Route Spec

## Route ID
`notifications-read-patch`

## Endpoint
`PATCH /api/v1/notifications/read`

## Human Description
Marks notifications as read.

## Authentication
- Required: `yes`

## Request
### Headers
- `Content-Type: application/json`

### Body
```json
{
  "notificationIds": ["ntf_1", "ntf_2"],
  "markAll": false
}
```

### Validation Rules
- Either `notificationIds` or `markAll=true` required.

## Responses
### Success: `200 OK`
```json
{"success": true, "message": "Notifications marked as read", "data": {"updated": 2}}
```

### Error: `401 Unauthorized`
When returned:
- Missing or invalid access token.

Body:
```json
{"success": false, "error": {"code": "UNAUTHORIZED", "message": "Authentication required.", "details": {}}}
```

### Error: `404 Not Found`
When returned:
- One or more notification IDs are not found.

Body:
```json
{"success": false, "error": {"code": "NOTIFICATION_NOT_FOUND", "message": "Notification does not exist.", "details": {}}}
```

### Error: `422 Unprocessable Entity`
When returned:
- Invalid read request payload.

Body:
```json
{"success": false, "error": {"code": "VALIDATION_FAILED", "message": "Please fix highlighted fields.", "details": {}}}
```

## Data & Caching Dependencies
- **Spanner Tables:** `notifications (Read/Write)`
- **Redis Cache:** `None`
- **GCS Storage:** `None`
- **Edge Cache (CDN):** `No`

## Side Effects
- Updates read-state flags on selected notifications (or all notifications).
- Recomputes unread count for current user.