fix: Restore all files lost during destructive rebase

A previous `git pull --rebase origin main` dropped 177 local commits,
losing 3400+ files across admin-v2, backend, studio-v2, website,
klausur-service, and many other services. The partial restore attempt
(660295e2) only recovered some files.

This commit restores all missing files from pre-rebase ref 98933f5e
while preserving post-rebase additions (night-scheduler, night-mode UI,
NightModeWidget dashboard integration).

Restored features include:
- AI Module Sidebar (FAB), OCR Labeling, OCR Compare
- GPU Dashboard, RAG Pipeline, Magic Help
- Klausur-Korrektur (8 files), Abitur-Archiv (5+ files)
- Companion, Zeugnisse-Crawler, Screen Flow
- Full backend, studio-v2, website, klausur-service
- All compliance SDKs, agent-core, voice-service
- CI/CD configs, documentation, scripts

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

backend/notification_api.py

@@ -0,0 +1,142 @@
+"""
+Notification API - Proxy zu Go Consent Service für Benachrichtigungen
+"""
+
+from fastapi import APIRouter, HTTPException, Header, Query
+from typing import Optional
+import httpx
+
+router = APIRouter(prefix="/v1/notifications", tags=["Notifications"])
+
+CONSENT_SERVICE_URL = "http://localhost:8081"
+
+
+async def proxy_request(
+    method: str,
+    path: str,
+    authorization: Optional[str] = None,
+    json_data: dict = None,
+    params: dict = None
+):
+    """Proxy request to Go consent service."""
+    headers = {}
+    if authorization:
+        headers["Authorization"] = authorization
+
+    async with httpx.AsyncClient() as client:
+        try:
+            response = await client.request(
+                method,
+                f"{CONSENT_SERVICE_URL}{path}",
+                headers=headers,
+                json=json_data,
+                params=params,
+                timeout=30.0
+            )
+
+            if response.status_code >= 400:
+                raise HTTPException(
+                    status_code=response.status_code,
+                    detail=response.json().get("error", "Request failed")
+                )
+
+            return response.json()
+        except httpx.RequestError as e:
+            raise HTTPException(status_code=503, detail=f"Consent service unavailable: {str(e)}")
+
+
+@router.get("")
+async def get_notifications(
+    limit: int = Query(20, ge=1, le=100),
+    offset: int = Query(0, ge=0),
+    unread_only: bool = Query(False),
+    authorization: Optional[str] = Header(None)
+):
+    """Holt alle Benachrichtigungen des aktuellen Benutzers."""
+    params = {
+        "limit": limit,
+        "offset": offset,
+        "unread_only": str(unread_only).lower()
+    }
+    return await proxy_request(
+        "GET",
+        "/api/v1/notifications",
+        authorization=authorization,
+        params=params
+    )
+
+
+@router.get("/unread-count")
+async def get_unread_count(
+    authorization: Optional[str] = Header(None)
+):
+    """Gibt die Anzahl ungelesener Benachrichtigungen zurück."""
+    return await proxy_request(
+        "GET",
+        "/api/v1/notifications/unread-count",
+        authorization=authorization
+    )
+
+
+@router.put("/{notification_id}/read")
+async def mark_as_read(
+    notification_id: str,
+    authorization: Optional[str] = Header(None)
+):
+    """Markiert eine Benachrichtigung als gelesen."""
+    return await proxy_request(
+        "PUT",
+        f"/api/v1/notifications/{notification_id}/read",
+        authorization=authorization
+    )
+
+
+@router.put("/read-all")
+async def mark_all_as_read(
+    authorization: Optional[str] = Header(None)
+):
+    """Markiert alle Benachrichtigungen als gelesen."""
+    return await proxy_request(
+        "PUT",
+        "/api/v1/notifications/read-all",
+        authorization=authorization
+    )
+
+
+@router.delete("/{notification_id}")
+async def delete_notification(
+    notification_id: str,
+    authorization: Optional[str] = Header(None)
+):
+    """Löscht eine Benachrichtigung."""
+    return await proxy_request(
+        "DELETE",
+        f"/api/v1/notifications/{notification_id}",
+        authorization=authorization
+    )
+
+
+@router.get("/preferences")
+async def get_preferences(
+    authorization: Optional[str] = Header(None)
+):
+    """Holt die Benachrichtigungseinstellungen des Benutzers."""
+    return await proxy_request(
+        "GET",
+        "/api/v1/notifications/preferences",
+        authorization=authorization
+    )
+
+
+@router.put("/preferences")
+async def update_preferences(
+    preferences: dict,
+    authorization: Optional[str] = Header(None)
+):
+    """Aktualisiert die Benachrichtigungseinstellungen."""
+    return await proxy_request(
+        "PUT",
+        "/api/v1/notifications/preferences",
+        authorization=authorization,
+        json_data=preferences
+    )