Skip to main content
Version: MyBestDealNow

IN-APP Notification

Author(s)

  • Ribhu
  • Ayan
  • Ashik
  • Amarnath

Last Updated Date

2025-12-08 2025-12-11

SRS References

Version History

VersionDateChangesAuthor
1.02025-12-08Initial draft for IN-APP NotificationAshik
1.12025-12-11Updated GetInAppNotification to use Cursor Based PaginationAmarnath

Feature Overview

Objective: This document defines the architecture, workflow, and API design for IN-APP Notifications within the MyBestDealNow platform. The feature provides real-time notification management for auction-related events, allowing users to receive, view, mark as read, and delete notifications directly within the application.

Scope:
The feature enables users to stay informed about critical auction activities such as new auctions, bid placements, bid acceptance, and outbid events. All notifications are stored in the database and delivered to users in real-time using SignalR, with support for unread notification counts and bulk operations.

Dependencies:

  • SignalR for real-time notification delivery
  • Database for notification persistence
  • IAM service for user authentication
  • Auction and Bid management services for event triggers

Requirements

  1. System must store notifications for specific auction-related events.
  2. Each notification must contain comprehensive information including title, description, category, and related metadata.
  3. Notifications must be linked to specific users via UserId.
  4. System must track read/unread status of notifications.
  5. System must support real-time notification delivery via SignalR.
  6. Users must be able to retrieve their notifications with unread count.
  7. Users must be able to mark notifications as read (single or all).
  8. Users must be able to delete their notifications.
  9. Notifications must include optional image URLs for visual context.
  10. Notifications may include deep links (URL) to relevant app sections.
  11. System must automatically create notifications for predefined auction events.

Design Specifications

UI/UX Design:

  • Display notification bell icon with unread count badge in the header.
  • Show notification list in a dropdown or dedicated notifications page.
  • Display notification with icon, title, description, and timestamp.
  • Visual differentiation between read and unread notifications.
  • Provide options to mark as read (single/all) and delete notifications.
  • Support clicking notification to navigate to relevant section (via URL).
  • Show loading states during real-time updates.
  • Display empty state when no notifications exist.

Data Models:

Notification Model

public record Notification
{
    public Guid NotificationId { get; set; }
    public Guid UserId { get; set; }
    public string Title { get; set; } = string.Empty;
    public string Description { get; set; } = string.Empty;
    public InAppNotificationCategory Category { get; set; }
    public bool IsRead { get; set; } = false;
    public string? URL { get; set; }
    public string? Image { get; set; }
    public DateTime CreatedAt { get; set; } = DateTime.UtcNow;
}

public enum InAppNotificationCategory
{
    All = 0,
    Bids = 1,
    Messages = 2,
    Auctions = 3,
    Systems = 4
}

public record CursorPaginationFilter
{
    // Use one of these: NextCursor to get items AFTER the given cursor,
    // or PreviousCursor to get items BEFORE the given cursor.
    public string? NextCursor { get; set; }   // fetch next page (older/newer depending on sort)
    public string? PreviousCursor { get; set; }  // fetch previous page

    // Page size
    public int Limit { get; set; } = 20;
}


public record InAppNotificationFilter : CursorPaginationFilter
{
    public InAppNotificationCategory? Category { get; init; }
    public bool? IsRead { get; init; }
}

public record MarkAsReadRequest
{
    public Guid? NotificationId { get; set; }
    public bool MarkAll { get; set; } = false;
}

public record DeleteNotificationRequest
{
    public Guid? NotificationId { get; set; }
    public bool DeleteAll { get; set; } = false;
}

public record AddInAppNotificationRequest
{
    public Guid UserId { get; set; }
    public string Title { get; set; } = string.Empty;
    public string Description { get; set; } = string.Empty;
    public InAppNotificationCategory Category { get; set; }
    public bool IsRead { get; set; } = false;
    public string? URL { get; set; }
    public string? Image { get; set; }
}

public class CursorPaginatedData<T>
{
    public List<T> Data { get; set; } = [];

    public string? NextCursor { get; set; }
    public string? PreviousCursor { get; set; }

    public bool HasNextPage { get; set; }
    public bool HasPreviousPage { get; set; }

    public int? TotalCount { get; set; }

    public int Limit { get; set; }
}


 public class GetNotificationsResponse : CursorPaginatedData<Notification>
 {
     public int UnreadCount { get; set; }
 }

public record CommonResponse
{
    public int Status { get; init; }
    public string? Message { get; init; }
}

/// <summary>
/// MassTransit request contract for broadcasting in-app notifications via SignalR
/// This request is published by NotificationService after saving an in-app notification
/// and consumed by AuctionEngineService to broadcast via SignalR to connected clients
/// </summary>
public record BroadcastInAppNotificationRequest
{
    public Guid NotificationId { get; set; }
    public Guid UserId { get; set; }
    public string Title { get; set; } = string.Empty;
    public string Description { get; set; } = string.Empty;
    public InAppNotificationCategory Category { get; set; }
    public bool IsRead { get; set; } = false;
    public string? URL { get; set; }
    public string? Image { get; set; }
    public DateTime CreatedAt { get; set; } = DateTime.UtcNow;
}

API Endpoints

EndpointMethodRouteParameters / PayloadResponseStatus Codes
Get NotificationsGET/in-appQuery params (pagination, filtering) + JWT tokenGetNotificationsResponse200, 400, 401, 500
Mark Notification(s) as ReadPUT/in-app/mark-as-readMarkAsReadRequest (body)CommonResponse200, 400, 401, 404, 500
Delete Notification(s)DELETE/in-app/deleteDeleteNotificationRequest (body)CommonResponse200, 400, 401, 404, 500

API Request and Responses

Get Notifications

Endpoint: GET /in-app

Controller: InAppNotificationController.GetNotifications()

Description: Retrieves paginated in-app notifications for the authenticated user along with unread count and pagination metadata. Uses cursor-based pagination for efficient data retrieval. Works with SignalR's ReceiveNotification event for real-time updates.

Authorization: Required (JWT Bearer Token)

Query Parameters:

ParameterTypeRequiredDefaultDescription
limitintNo10Number of notifications per page (1-100)
nextCursorstringNonullCursor for next page (Base64 encoded)
previousCursorstringNonullCursor for previous page (Base64 encoded)
categoryInAppNotificationCategoryNonullFilter by notification category (optional)
isReadboolNonullFilter by read status (optional)

Example Request:

GET /in-app?limit=10&category=NotifyDealersAboutNewAuction
Authorization: Bearer {token}

Success Response (200 OK):

{
  "status": 200,
  "message": "Notifications retrieved successfully",
  "data": {
    "data": [
      {
        "notificationId": "3fa85f64-5717-4562-b3fc-2c963f66afa6",
        "userId": "550e8400-e29b-41d4-a716-446655440000",
        "title": "New Auction Available",
        "description": "A new auction for 2020 Toyota Camry has been created",
        "category": "Auctions",
        "isRead": false,
        "url": "/auctions/3fa85f64-5717-4562-b3fc-2c963f66afa6",
        "image": "https://example.com/images/auction-123.jpg",
        "createdAt": "2025-12-08T10:30:00Z"
      },
      {
        "notificationId": "4fb85f64-5717-4562-b3fc-2c963f66afa7",
        "userId": "550e8400-e29b-41d4-a716-446655440000",
        "title": "You've Been Outbid",
        "description": "Your bid on 2019 Honda Accord has been outbid",
        "category": "Bids",
        "isRead": true,
        "url": "/auctions/4fb85f64-5717-4562-b3fc-2c963f66afa7",
        "image": "https://example.com/images/auction-456.jpg",
        "createdAt": "2025-12-08T09:15:00Z"
      }
    ],
    "unreadCount": 15,
    "nextCursor": "MjAyNS0xMi0wOFQxMDozMDowMFolMzZhODVmNjQtNTcxNy00NTYyLWIzZmMtMmM5NjNmNjZhZmE3",
    "previousCursor": null,
    "hasNextPage": true,
    "hasPreviousPage": false,
    "totalCount": 45,
    "limit": 10
  }
}

Response Model Fields:

FieldTypeDescription
dataNotification[]Array of notification objects
unreadCountintTotal count of unread notifications for the user
nextCursorstring?Cursor for fetching next page (null if no more pages)
previousCursorstring?Cursor for fetching previous page (null if at start)
hasNextPageboolIndicates if more notifications exist
hasPreviousPageboolIndicates if previous page exists
totalCountintTotal notifications count for user
limitintCurrent page size limit

Error Response (400 Bad Request):

{
  "status": 400,
  "message": "Invalid filter parameters"
}

Note: Returns HTTP 400 status code with error message: "Limit must be between 1 and 100", "Cannot provide both PreviousCursor and NextCursor in the same request", or "Invalid cursor format"

Error Response (401 Unauthorized):

{
  "status": 401,
  "message": "Invalid user token"
}

Note: Returns HTTP 401 status code when JWT token is missing, invalid, or expired.

Error Response (500 Internal Server Error):

{
  "status": 500,
  "message": "An internal error occurred while retrieving notifications"
}

Note: Returns HTTP 500 status code with error message describing the database or server error.

Mark Notification as Read

Endpoint: PUT /in-app/mark-as-read

Controller: InAppNotificationController.MarkAsRead()

Description: Marks one or all notifications as read for the authenticated user. The operation is validated at the controller level to ensure the notification belongs to the authenticated user.

Authorization: Required (JWT Bearer Token)

Request Body (Single Notification):

{
  "notificationId": "3fa85f64-5717-4562-b3fc-2c963f66afa6",
  "markAll": false
}

Request Body (All Notifications):

{
  "notificationId": null,
  "markAll": true
}

Success Response (200 OK - Single):

{
  "status": 200,
  "message": "Notification(s) marked as read successfully"
}

Success Response (200 OK - All):

{
  "status": 200,
  "message": "Notification(s) marked as read successfully"
}

Error Response (400 Bad Request):

{
  "status": 400,
  "message": "NotificationId is required"
}

Note: Returns HTTP 400 when neither NotificationId is provided nor MarkAll is set to true.

Error Response (401 Unauthorized):

{
  "status": 401,
  "message": "Invalid user token"
}

Error Response (404 Not Found):

{
  "status": 404,
  "message": "Notification not found"
}

Error Response (500 Internal Server Error):

{
  "status": 500,
  "message": "An internal error occurred while marking notification as read"
}

Delete Notification

Endpoint: DELETE /in-app/delete

Controller: InAppNotificationController.DeleteNotification()

Description: Deletes one or all notifications for the authenticated user. The operation is validated at the controller level to ensure the notification belongs to the authenticated user.

Authorization: Required (JWT Bearer Token)

Request Body (Single Notification):

{
  "notificationId": "3fa85f64-5717-4562-b3fc-2c963f66afa6",
  "deleteAll": false
}

Request Body (All Notifications):

{
  "notificationId": null,
  "deleteAll": true
}

Success Response (200 OK - Single):

{
  "status": 200,
  "message": "Notification(s) deleted successfully"
}

Success Response (200 OK - All):

{
  "status": 200,
  "message": "Notification(s) deleted successfully"
}

Error Response (400 Bad Request):

{
  "status": 400,
  "message": "NotificationId is required"
}

Note: Returns HTTP 400 when neither NotificationId is provided nor DeleteAll is set to true.

Error Response (401 Unauthorized):

{
  "status": 401,
  "message": "Invalid user token"
}

Error Response (404 Not Found):

{
  "status": 404,
  "message": "Notification not found"
}

Error Response (500 Internal Server Error):

{
  "status": 500,
  "message": "An internal error occurred while deleting notification"
}

Third-Party Integrations:

  • SignalR → Real-time notification delivery via ReceiveNotification event.

Workflow:

1. Notification Creation

  • System detects auction-related event (new auction, bid placed, etc.)
  • System creates notification record via AddNewInAppNotification()
  • System determines target user(s) based on event context
  • Notification stored in PostgreSQL with UTC timestamp

2. Real-Time Delivery

  • System sends notification to user via SignalR ReceiveNotification event
  • Connected clients receive notification instantly
  • Client updates UI to show new notification badge
  • Client increments unread count display

3. Notification Retrieval

  • User opens notification panel
  • Client calls GET /in-app?limit=10
  • Controller extracts userId from JWT token
  • Helper validates pagination parameters
  • DAL queries PostgreSQL with cursor-based pagination
  • System calculates unread count
  • System returns paginated notifications with cursors
  • Client displays notifications with read/unread indicators
  • Client displays pagination controls using cursors

4. Mark as Read (Single)

  • User clicks on a notification
  • Client calls PATCH /in-app/mark-as-read with notificationId
  • Controller validates JWT token and request
  • DAL updates isread = true for notification
  • Client updates UI to mark notification as read
  • Client decrements unread count display

5. Mark as Read (All)

  • User clicks "Mark all as read"
  • Client calls PATCH /in-app/mark-as-read with markAll: true
  • Controller validates JWT token and request
  • DAL updates all unread notifications for user
  • Client clears all read indicators
  • Client sets unread count to 0

6. Delete Notification (Single)

  • User clicks delete icon on notification
  • Client calls DELETE /in-app/delete with notificationId
  • Controller validates JWT token and request
  • DAL removes notification from database
  • Client removes notification from UI

7. Delete Notification (All)

  • User clicks "Delete all"
  • Client calls DELETE /in-app/delete with deleteAll: true
  • Controller validates JWT token and request
  • DAL deletes all notifications for user
  • Client clears notification list

8. Navigation

  • User clicks on notification with URL
  • Client extracts URL from notification object
  • Client navigates to specified URL (e.g., /auctions/{auctionId})
  • Client marks notification as read

Notification Categories & Trigger Events

1. Notify Dealers About New Auction

Trigger: When a new auction is created by a customer

Target Audience: All eligible dealers

Notification Details:

  • Title: "New Auction Available"
  • Description: "A new auction for [Vehicle Make Model Year] has been created"
  • Category: Auctions
  • URL: /auctions/{auctionId}
  • Image: Vehicle primary image URL

2. Bid Place

Trigger: When any bid is placed on an auction

Target Audience: Auction owner (customer)

Notification Details:

  • Title: "New Bid Received"
  • Description: "[Dealer Name] placed a bid of $[Amount] on your auction"
  • Category: Bids
  • URL: /auctions/{auctionId}/bids
  • Image: Vehicle primary image URL

3. First Bid

Trigger: When the first bid is placed on an auction

Target Audience: Auction owner (customer)

Notification Details:

  • Title: "First Bid Received!"
  • Description: "Congratulations! [Dealer Name] placed the first bid of $[Amount] on your auction"
  • Category: Bids
  • URL: /auctions/{auctionId}/bids
  • Image: Vehicle primary image URL

4. New Lowest Bid Placed

Trigger: When a new lowest bid is placed on an auction

Target Audience: Auction owner (customer)

Notification Details:

  • Title: "New Lowest Bid"
  • Description: "[Dealer Name] placed the lowest bid of $[Amount] on your auction"
  • Category: Bids
  • URL: /auctions/{auctionId}/bids
  • Image: Vehicle primary image URL

5. Bid Accepted

Trigger: When a dealer accepts a customer's bid

Target Audience: Bid owner (customer)

Notification Details:

  • Title: "Bid Accepted!"
  • Description: "Congratulations! Your bid of $[Amount] has been accepted by [Dealer Name]"
  • Category: Bids
  • URL: /auctions/{auctionId}
  • Image: Vehicle primary image URL

6. Outbid

Trigger: When a dealer's bid is no longer the lowest bid

Target Audience: Previously lowest bidder (dealer)

Notification Details:

  • Title: "You've Been Outbid"
  • Description: "Your bid on [Vehicle Make Model Year] is no longer the lowest. Current lowest: $[Amount]"
  • Category: Bids
  • URL: /auctions/{auctionId}/bids
  • Image: Vehicle primary image URL

SignalR Integration

Hub Connection

Clients must establish a SignalR connection to receive real-time notifications.

Connection URL: /notificationHub

Authentication: JWT Bearer token required in connection headers

Event: ReceiveNotification

Description: Broadcasted when a new notification is created for the user

Event Name: ReceiveNotification

Payload:

{
  "notificationId": "3fa85f64-5717-4562-b3fc-2c963f66afa6",
  "userId": "550e8400-e29b-41d4-a716-446655440000",
  "title": "New Auction Available",
  "description": "A new auction for 2020 Toyota Camry has been created",
  "category": "NotifyDealersAboutNewAuction",
  "isRead": false,
  "url": "/auctions/3fa85f64-5717-4562-b3fc-2c963f66afa6",
  "image": "https://example.com/images/auction-123.jpg",
  "createdAt": "2025-12-08T10:30:00Z"
}

Database Schema

Notifications Table

CREATE TABLE Notifications (
    NotificationId UUID PRIMARY KEY DEFAULT gen_random_uuid(),
    UserId UUID NOT NULL,
    Title TEXT NOT NULL,
    Description TEXT NOT NULL,
    Category VARCHAR(255) NOT NULL,
    IsRead BOOLEAN NOT NULL DEFAULT false,
    URL TEXT NOT NULL,
    Image VARCHAR(255) NOT NULL,
    CreatedAt TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP
);

CREATE INDEX IX_Notifications_UserId_CreatedAt ON Notifications (UserId, CreatedAt DESC);
CREATE INDEX IX_Notifications_UserId_IsRead ON Notifications (UserId, IsRead);

Implementation Considerations

Performance Optimization

  1. Pagination: Implemented with configurable page size (default 10, max 100) to handle large notification lists efficiently
  2. Caching: Cache unread count for quick access and reduce database queries
  3. Indexing: Ensure proper database indexes on UserId, IsRead, and CreatedAt for optimal query performance
  4. Cleanup: Implement periodic cleanup of old read notifications (e.g., delete after 90 days)
  5. Query Optimization: Use efficient COUNT queries for pagination metadata without loading all records

Security

  1. Authorization: Always validate that users can only access their own notifications
  2. Rate Limiting: Implement rate limiting on notification endpoints
  3. Input Validation: Validate all request parameters to prevent injection attacks

Scalability

  1. SignalR Backplane: Use Redis backplane for SignalR in multi-server deployments
  2. Database Partitioning: Consider partitioning notifications table by date for large datasets
  3. Async Processing: Create notifications asynchronously to avoid blocking main operations

Notification Deduplication

Implement logic to prevent duplicate notifications for the same event:

  • Track notification fingerprint (event type + entity ID + user ID)
  • Check for existing notification within time window before creating new one

Development Tasks & Estimates

NoTask NameEstimate (Hours)DependenciesNotes
1Database schema and models3Table + C# models
2Repository and service layer6Task 1CRUD + business logic
3API endpoints (Get, MarkAsRead, Delete)8Task 2All 3 APIs with pagination
4SignalR hub and real-time events4Task 1Hub + ReceiveNotification
5Notification trigger handlers8Task 2, 46 event categories
6Testing and documentation6AllUnit/integration tests
Total35 Hours

Testing Scenarios

Functional Testing

  1. Verify notification creation for each category
  2. Test GetNotifications returns correct paginated data and unread count
  3. Test pagination with different page numbers and rows per page values
  4. Test pagination boundary conditions (first page, last page, invalid page)
  5. Verify HasPreviousPage and HasNextPage flags work correctly
  6. Test default pagination parameters (pageNumber=1, rowsPerPage=10)
  7. Test marking single notification as read
  8. Test marking all notifications as read
  9. Test deleting single notification
  10. Test deleting all notifications
  11. Verify SignalR real-time delivery
  12. Test notification filtering by user
  13. Verify URL and Image fields are optional
  14. Test concurrent notification operations
  15. Verify pagination metadata accuracy (TotalPages, TotalNumber)

Security Testing

  1. Verify users cannot access other users' notifications
  2. Test API authentication requirements
  3. Test authorization on all endpoints
  4. Verify SQL injection prevention
  5. Test rate limiting

Performance Testing

  1. Load test with 1000+ notifications per user
  2. Test SignalR scalability with multiple concurrent users
  3. Verify database query performance with indexes
  4. Test notification creation throughput

Review & Approval

Reviewer:

Approval Date: