trovesuite 1.0.9__py3-none-any.whl → 1.0.11__py3-none-any.whl

trovesuite/configs/settings.py

@@ -1,153 +1,57 @@
 import os
-import warnings
-from typing import Optional
-
 class Settings:
-    """Settings configuration for TroveSuite Auth Service"""
 
-    # =============================================================================
-    # DATABASE CONFIGURATION
-    # =============================================================================
-    DATABASE_URL: str = os.getenv(
-        "DATABASE_URL", 
-        "postgresql://username:password@localhost:5432/database_name"
-    )
+    # Database URL
+    DATABASE_URL: str = os.getenv("DATABASE_URL")
 
-    # Alternative database configuration
-    DB_USER: Optional[str] = os.getenv("DB_USER")
-    DB_HOST: Optional[str] = os.getenv("DB_HOST")
-    DB_NAME: Optional[str] = os.getenv("DB_NAME")
-    DB_PORT: int = int(os.getenv("DB_PORT", "5432"))
-    DB_PASSWORD: Optional[str] = os.getenv("DB_PASSWORD")
-    ENVIRONMENT: str = os.getenv("ENVIRONMENT", "development")
+    DB_USER: str = os.getenv("DB_USER")
+    DB_HOST: str = os.getenv("DB_HOST")
+    DB_NAME: str = os.getenv("DB_NAME")
+    DB_PORT: str = os.getenv("DB_PORT")
+    DB_PASSWORD: str = os.getenv("DB_PASSWORD")
 
-    # =============================================================================
-    # APPLICATION SETTINGS
-    # =============================================================================
-    APP_NAME: str = os.getenv("APP_NAME", "TroveSuite Auth Service")
-    DEBUG: bool = os.getenv("DEBUG", "False").lower() == "true"
-    
-    # =============================================================================
-    # SECURITY SETTINGS
-    # =============================================================================
-    ALGORITHM: str = os.getenv("ALGORITHM", "HS256")
-    SECRET_KEY: str = os.getenv("SECRET_KEY", "09d25e094faa6ca2556c818166b7a9563b93f7099f6f0f4caa6cf63b88e8d3e7")
-    ACCESS_TOKEN_EXPIRE_MINUTES: int = int(os.getenv("ACCESS_TOKEN_EXPIRE_MINUTES", "60"))
+    # Application settings
+    APP_NAME: str = os.getenv("APP_NAME", "Python Template API")
+    DEBUG: bool = os.getenv("DEBUG", "True").lower() in ("true",1)
+    APP_VERSION: str = os.getenv("APP_VERSION", "1.0.0")
     
-    # =============================================================================
-    # LOGGING SETTINGS
-    # =============================================================================
+    # Logging settings
     LOG_LEVEL: str = os.getenv("LOG_LEVEL", "INFO")
     LOG_FORMAT: str = os.getenv("LOG_FORMAT", "detailed")  # detailed, json, simple
-    LOG_TO_FILE: bool = os.getenv("LOG_TO_FILE", "False").lower() == "false"
+    LOG_TO_FILE: bool = os.getenv("LOG_TO_FILE", "False").lower() in ("true", 1)
     LOG_MAX_SIZE: int = int(os.getenv("LOG_MAX_SIZE", "10485760"))  # 10MB
     LOG_BACKUP_COUNT: int = int(os.getenv("LOG_BACKUP_COUNT", "5"))
     LOG_DIR: str = os.getenv("LOG_DIR", "logs")
-
+        
+   # Security settings
+    ENVIRONMENT: str = os.getenv("ENVIRONMENT")
+    ALGORITHM: str = os.getenv("ALGORITHM")
+    SECRET_KEY: str = os.getenv("SECRET_KEY")
+    ACCESS_TOKEN_EXPIRE_MINUTES: int = int(os.getenv("ACCESS_TOKEN_EXPIRE_MINUTES", "120"))
+    
     # =============================================================================
-    # DATABASE TABLE NAMES
+    # SHARED TABLES (main schema)
     # =============================================================================
-    # Main schema tables
-    MAIN_TENANTS_TABLE: str = os.getenv("MAIN_TENANTS_TABLE", "tenants")
-    ROLE_PERMISSIONS_TABLE: str = os.getenv("ROLE_PERMISSIONS_TABLE", "role_permissions")
-    
-    # Tenant-specific tables (used in queries with tenant schema)
-    TENANT_LOGIN_SETTINGS_TABLE: str = os.getenv("TENANT_LOGIN_SETTINGS_TABLE", "login_settings")
-    USER_GROUPS_TABLE: str = os.getenv("USER_GROUPS_TABLE", "user_groups")
-    ASSIGN_ROLES_TABLE: str = os.getenv("ASSIGN_ROLES_TABLE", "assign_roles")
+    MAIN_TENANTS_TABLE = os.getenv("MAIN_TENANTS_TABLE")
+    MAIN_ROLE_PERMISSIONS_TABLE = os.getenv("MAIN_ROLE_PERMISSIONS_TABLE")
+    MAIN_USER_SUBSCRIPTIONS_TABLE = os.getenv("MAIN_USER_SUBSCRIPTIONS_TABLE")
+    MAIN_USER_SUBSCRIPTION_HISTORY_TABLE = os.getenv("MAIN_USER_SUBSCRIPTION_HISTORY_TABLE")
+    MAIN_SUBSCRIPTIONS_TABLE = os.getenv("MAIN_SUBSCRIPTIONS_TABLE")
 
     # =============================================================================
-    # AZURE CONFIGURATION (Optional - for queue functionality)
+    # TENANT-SPECIFIC TABLES (tenant schemas)
     # =============================================================================
-    STORAGE_ACCOUNT_NAME: str = os.getenv("STORAGE_ACCOUNT_NAME", "")
-    USER_ASSIGNED_MANAGED_IDENTITY: str = os.getenv("USER_ASSIGNED_MANAGED_IDENTITY", "")
-    
+    TENANT_LOGIN_SETTINGS_TABLE = os.getenv("TENANT_LOGIN_SETTINGS_TABLE")
+    TENANT_ASSIGN_ROLES_TABLE = os.getenv("TENANT_ASSIGN_ROLES_TABLE")
+    TENANT_USER_GROUPS_TABLE = os.getenv("TENANT_USER_GROUPS_TABLE")
+
     @property
     def database_url(self) -> str:
-        """Get the database URL, either from DATABASE_URL or constructed from individual components"""
-        if self.DATABASE_URL != "postgresql://username:password@localhost:5432/database_name":
+        if self.DATABASE_URL:
             return self.DATABASE_URL
-        
-        # Validate individual components
-        if not all([self.DB_USER, self.DB_HOST, self.DB_NAME, self.DB_PASSWORD]):
-            missing = []
-            if not self.DB_USER:
-                missing.append("DB_USER")
-            if not self.DB_HOST:
-                missing.append("DB_HOST")
-            if not self.DB_NAME:
-                missing.append("DB_NAME")
-            if not self.DB_PASSWORD:
-                missing.append("DB_PASSWORD")
-            
-            raise ValueError(
-                f"Database configuration incomplete. Missing environment variables: {', '.join(missing)}. "
-                f"Please set these variables or provide a complete DATABASE_URL."
-            )
-        
-        return f"postgresql://{self.DB_USER}:{self.DB_PASSWORD}@{self.DB_HOST}:{self.DB_PORT}/{self.DB_NAME}"
-    
-    def validate_configuration(self) -> None:
-        """Validate the current configuration and warn about potential issues"""
-        warnings_list = []
-        
-        # Check for default secret key
-        if self.SECRET_KEY == "09d25e094faa6ca2556c818166b7a9563b93f7099f6f0f4caa6cf63b88e8d3e7":
-            warnings_list.append(
-                "SECRET_KEY is using the default value. This is insecure for production. "
-                "Please set a strong, unique SECRET_KEY environment variable."
-            )
-        
-        # Check for development environment in production-like settings
-        if self.ENVIRONMENT == "development" and self.DEBUG is False:
-            warnings_list.append(
-                "ENVIRONMENT is set to 'development' but DEBUG is False. "
-                "Consider setting ENVIRONMENT to 'production' for production deployments."
-            )
-        
-        # Check database configuration
-        try:
-            self.database_url
-        except ValueError as e:
-            warnings_list.append(f"Database configuration issue: {str(e)}")
-        
-        # Check for missing Azure configuration if needed
-        if self.ENVIRONMENT == "production" and not self.STORAGE_ACCOUNT_NAME:
-            warnings_list.append(
-                "STORAGE_ACCOUNT_NAME is not set. Azure queue functionality may not work properly."
-            )
-        
-        # Emit warnings
-        for warning in warnings_list:
-            warnings.warn(warning, UserWarning)
-    
-    def get_configuration_summary(self) -> dict:
-        """Get a summary of the current configuration (excluding sensitive data)"""
-        return {
-            "app_name": self.APP_NAME,
-            "environment": self.ENVIRONMENT,
-            "debug": self.DEBUG,
-            "database_host": self.DB_HOST,
-            "database_port": self.DB_PORT,
-            "database_name": self.DB_NAME,
-            "database_user": self.DB_USER,
-            "log_level": self.LOG_LEVEL,
-            "log_format": self.LOG_FORMAT,
-            "log_to_file": self.LOG_TO_FILE,
-            "algorithm": self.ALGORITHM,
-            "access_token_expire_minutes": self.ACCESS_TOKEN_EXPIRE_MINUTES,
-            "MAIN_TENANTS_TABLE": self.MAIN_TENANTS_TABLE,
-            "role_permissions_table": self.ROLE_PERMISSIONS_TABLE,
-            "TENANT_LOGIN_SETTINGS_TABLE": self.TENANT_LOGIN_SETTINGS_TABLE,
-            "user_groups_table": self.USER_GROUPS_TABLE,
-            "assign_roles_table": self.ASSIGN_ROLES_TABLE,
-        }
 
-# Global settings instance
-db_settings = Settings()
+        port = int(self.DB_PORT) if self.DB_PORT else 5432
+        return f"postgresql://{self.DB_USER}:{self.DB_PASSWORD}@{self.DB_HOST}:{port}/{self.DB_NAME}"
 
-# Validate configuration on import
-try:
-    db_settings.validate_configuration()
-except Exception as e:
-    warnings.warn("Configuration validation failed: %s", str(e), UserWarning)
+# Global settings instance
+db_settings = Settings()

trovesuite/entities/health.py

@@ -1,8 +1,8 @@
 from fastapi import APIRouter
-from src.entities.shared.shared_response import Respons
-from src.configs.settings import db_settings
-from src.configs.database import DatabaseManager
-from src.configs.logging import get_logger
+from .sh_response import Respons
+from ..configs.settings import db_settings
+from ..configs.database import DatabaseManager
+from ..configs.logging import get_logger
 
 health_check_router = APIRouter(tags=["Health Path"])
 logger = get_logger("health")

trovesuite/notification/__init__.py

@@ -0,0 +1,14 @@
+"""
+TroveSuite Notification Service
+
+Provides email and SMS notification capabilities for TroveSuite applications.
+"""
+
+from .notification_service import NotificationService
+from .notification_write_dto import NotificationEmailServiceWriteDto, NotificationSMSServiceWriteDto
+
+__all__ = [
+    "NotificationService",
+    "NotificationEmailServiceWriteDto",
+    "NotificationSMSServiceWriteDto"
+]

trovesuite/notification/notification_base.py

@@ -0,0 +1,13 @@
+from typing import List, Optional, Union
+from pydantic import BaseModel
+
+class NotificationEmailBase(BaseModel):
+    sender_email: str
+    receiver_email: Union[str, List[str]]
+    password: str
+    subject: str
+    text_message: str
+    html_message: Optional[str] = None
+
+class NotificationSMSBase(BaseModel):
+    pass

trovesuite/notification/notification_controller.py

@@ -0,0 +1,21 @@
+from .notification_write_dto import (
+    NotificationEmailControllerWriteDto,
+    NotificationSMSControllerWriteDto
+)
+from .notification_read_dto import (
+    NotificationEmailControllerReadDto,
+    NotificationSMSControllerReadDto
+)
+from .notification_service import NotificationService
+from ..entities.sh_response import Respons
+from fastapi import APIRouter
+
+notification_router = APIRouter(tags=["Notification"])
+
+@notification_router.post("/send_email", response_model=Respons[NotificationEmailControllerReadDto])
+async def send_email(data: NotificationEmailControllerWriteDto):
+    return NotificationService.send_email(data=data)
+
+@notification_router.post("/send_sms", response_model=Respons[NotificationSMSControllerReadDto])
+async def send_sms(data: NotificationSMSControllerWriteDto):
+    return NotificationService.send_sms(data=data)

trovesuite/notification/notification_read_dto.py

@@ -0,0 +1,21 @@
+from .notification_base import (
+    NotificationEmailBase,
+    NotificationSMSBase
+)
+from pydantic import BaseModel
+
+# EMAIL Notification
+
+class NotificationEmailControllerReadDto(NotificationEmailBase):
+    pass
+
+class NotificationEmailServiceReadDto(BaseModel):
+    pass
+
+# SMS Notification
+
+class NotificationSMSControllerReadDto(NotificationSMSBase):
+    pass
+
+class NotificationSMSServiceReadDto(BaseModel):
+    pass

trovesuite/notification/notification_service.py

@@ -0,0 +1,73 @@
+import smtplib
+from email.mime.text import MIMEText
+from email.mime.multipart import MIMEMultipart
+from ..entities.sh_response import Respons
+from .notification_read_dto import (
+    NotificationEmailServiceReadDto,
+    NotificationSMSServiceReadDto
+)
+from .notification_write_dto import (
+    NotificationEmailServiceWriteDto,
+    NotificationSMSServiceWriteDto
+)
+
+class NotificationService:
+
+    @staticmethod
+    def send_email(data: NotificationEmailServiceWriteDto) -> Respons[NotificationEmailServiceReadDto]:
+        """
+        Send an email (single or multiple recipients) via Gmail SMTP.
+        Supports both plain text and HTML email bodies.
+        """
+
+        # Extract input data
+        receiver_email = data.receiver_email
+        text_message = data.text_message
+        html_message = getattr(data, "html_message", None)
+        sender_email = data.sender_email
+        password = data.password
+        subject = data.subject
+
+        # Allow single email or list
+        if isinstance(receiver_email, str):
+            receiver_email = [receiver_email]
+
+        # Create the email container
+        message = MIMEMultipart("alternative")
+        message["From"] = sender_email
+        message["To"] = ", ".join(receiver_email)
+        message["Subject"] = subject
+
+        # Attach plain text
+        message.attach(MIMEText(text_message, "plain"))
+
+        # Attach HTML if provided
+        if html_message:
+            message.attach(MIMEText(html_message, "html"))
+
+        try:
+            with smtplib.SMTP_SSL("smtp.gmail.com", 465) as server:
+                server.login(sender_email, password)
+                server.sendmail(sender_email, receiver_email, message.as_string())
+
+            return Respons[NotificationEmailServiceReadDto](
+                detail=f"Email successfully sent to {len(receiver_email)} recipient(s)",
+                error=None,
+                data=[],
+                status_code=200,
+                success=True,
+            )
+
+        except Exception as e:
+            print(e)
+            return Respons[NotificationEmailServiceReadDto](
+                detail="An error occurred while sending the email",
+                error=str(e),
+                data=[],
+                status_code=500,
+                success=False,
+            )
+
+    @staticmethod
+    def send_sms(data: NotificationSMSServiceWriteDto) -> Respons[NotificationSMSServiceReadDto]:
+        pass

trovesuite/notification/notification_write_dto.py

@@ -0,0 +1,21 @@
+from pydantic import BaseModel
+from .notification_base import (
+    NotificationEmailBase,
+    NotificationSMSBase
+)
+
+# Email Notification
+
+class NotificationEmailControllerWriteDto(NotificationEmailBase):
+    pass
+
+class NotificationEmailServiceWriteDto(NotificationEmailControllerWriteDto):
+    pass
+
+# SMS Notification
+
+class NotificationSMSControllerWriteDto(NotificationSMSBase):
+    pass
+
+class NotificationSMSServiceWriteDto(BaseModel):
+    pass

trovesuite/storage/__init__.py

@@ -0,0 +1,42 @@
+"""
+TroveSuite Storage Service
+
+Provides Azure Storage blob management capabilities for TroveSuite applications.
+Includes container creation, file upload/download/update/delete, and presigned URL generation.
+"""
+
+from .storage_service import StorageService
+from .storage_write_dto import (
+    StorageContainerCreateServiceWriteDto,
+    StorageFileUploadServiceWriteDto,
+    StorageFileUpdateServiceWriteDto,
+    StorageFileDeleteServiceWriteDto,
+    StorageFileDownloadServiceWriteDto,
+    StorageFileUrlServiceWriteDto
+)
+from .storage_read_dto import (
+    StorageContainerCreateServiceReadDto,
+    StorageFileUploadServiceReadDto,
+    StorageFileUpdateServiceReadDto,
+    StorageFileDeleteServiceReadDto,
+    StorageFileDownloadServiceReadDto,
+    StorageFileUrlServiceReadDto
+)
+
+__all__ = [
+    "StorageService",
+    # Write DTOs
+    "StorageContainerCreateServiceWriteDto",
+    "StorageFileUploadServiceWriteDto",
+    "StorageFileUpdateServiceWriteDto",
+    "StorageFileDeleteServiceWriteDto",
+    "StorageFileDownloadServiceWriteDto",
+    "StorageFileUrlServiceWriteDto",
+    # Read DTOs
+    "StorageContainerCreateServiceReadDto",
+    "StorageFileUploadServiceReadDto",
+    "StorageFileUpdateServiceReadDto",
+    "StorageFileDeleteServiceReadDto",
+    "StorageFileDownloadServiceReadDto",
+    "StorageFileUrlServiceReadDto",
+]

trovesuite/storage/storage_base.py

@@ -0,0 +1,63 @@
+from typing import Optional
+from pydantic import BaseModel
+
+
+class StorageConnectionBase(BaseModel):
+    """Base model for Azure Storage connection using Managed Identity"""
+    storage_account_url: str  # e.g., https://<account-name>.blob.core.windows.net
+    container_name: str
+    managed_identity_client_id: Optional[str] = None  # Optional: For user-assigned managed identity
+
+
+class StorageFileUploadBase(BaseModel):
+    """Base model for file upload operations"""
+    storage_account_url: str
+    container_name: str
+    file_content: bytes
+    blob_name: str
+    directory_path: Optional[str] = None
+    content_type: Optional[str] = None
+    managed_identity_client_id: Optional[str] = None
+
+
+class StorageFileUpdateBase(BaseModel):
+    """Base model for file update operations"""
+    storage_account_url: str
+    container_name: str
+    blob_name: str
+    file_content: bytes
+    content_type: Optional[str] = None
+    managed_identity_client_id: Optional[str] = None
+
+
+class StorageFileDeleteBase(BaseModel):
+    """Base model for file delete operations"""
+    storage_account_url: str
+    container_name: str
+    blob_name: str
+    managed_identity_client_id: Optional[str] = None
+
+
+class StorageFileDownloadBase(BaseModel):
+    """Base model for file download operations"""
+    storage_account_url: str
+    container_name: str
+    blob_name: str
+    managed_identity_client_id: Optional[str] = None
+
+
+class StorageFileUrlBase(BaseModel):
+    """Base model for getting presigned URL"""
+    storage_account_url: str
+    container_name: str
+    blob_name: str
+    expiry_hours: Optional[int] = 1
+    managed_identity_client_id: Optional[str] = None
+
+
+class StorageContainerCreateBase(BaseModel):
+    """Base model for creating a container"""
+    storage_account_url: str
+    container_name: str
+    public_access: Optional[str] = None
+    managed_identity_client_id: Optional[str] = None

trovesuite/storage/storage_controller.py

@@ -0,0 +1,198 @@
+from typing import List
+from fastapi import APIRouter, File, UploadFile, Form
+from fastapi.responses import StreamingResponse
+from io import BytesIO
+from .storage_write_dto import (
+    StorageContainerCreateControllerWriteDto,
+    StorageFileUploadControllerWriteDto,
+    StorageFileUpdateControllerWriteDto,
+    StorageFileDeleteControllerWriteDto,
+    StorageFileDownloadControllerWriteDto,
+    StorageFileUrlControllerWriteDto
+)
+from .storage_read_dto import (
+    StorageContainerCreateControllerReadDto,
+    StorageFileUploadControllerReadDto,
+    StorageFileUpdateControllerReadDto,
+    StorageFileDeleteControllerReadDto,
+    StorageFileDownloadControllerReadDto,
+    StorageFileUrlControllerReadDto
+)
+from .storage_service import StorageService
+from ..entities.sh_response import Respons
+
+storage_router = APIRouter(tags=["File Storage"])
+
+
+@storage_router.post("/create-container", response_model=Respons[StorageContainerCreateControllerReadDto])
+async def create_container(data: StorageContainerCreateControllerWriteDto):
+    """
+    Create a new Azure Storage container.
+
+    Example request body:
+    {
+        "storage_account_url": "https://myaccount.blob.core.windows.net",
+        "container_name": "my-container",
+        "public_access": null,
+        "managed_identity_client_id": "your-client-id"  // optional
+    }
+    """
+    return StorageService.create_container(data=data)
+
+
+@storage_router.post("/upload", response_model=Respons[StorageFileUploadControllerReadDto])
+async def upload_file(
+    storage_account_url: str = Form(...),
+    container_name: str = Form(...),
+    blob_name: str = Form(...),
+    file: UploadFile = File(...),
+    directory_path: str = Form(None),
+    managed_identity_client_id: str = Form(None)
+):
+    """
+    Upload a file to Azure Storage.
+
+    Use form-data with the following fields:
+    - storage_account_url: Your Azure storage URL
+    - container_name: Container name
+    - blob_name: Name for the blob
+    - file: The file to upload
+    - directory_path: Optional directory path (e.g., "uploads/2024")
+    - managed_identity_client_id: Optional client ID for user-assigned managed identity
+    """
+    content = await file.read()
+
+    upload_data = StorageFileUploadControllerWriteDto(
+        storage_account_url=storage_account_url,
+        container_name=container_name,
+        file_content=content,
+        blob_name=blob_name,
+        directory_path=directory_path,
+        content_type=file.content_type,
+        managed_identity_client_id=managed_identity_client_id
+    )
+
+    return StorageService.upload_file(data=upload_data)
+
+
+@storage_router.put("/update", response_model=Respons[StorageFileUpdateControllerReadDto])
+async def update_file(
+    storage_account_url: str = Form(...),
+    container_name: str = Form(...),
+    blob_name: str = Form(...),
+    file: UploadFile = File(...),
+    managed_identity_client_id: str = Form(None)
+):
+    """
+    Update an existing file in Azure Storage.
+
+    Use form-data with the following fields:
+    - storage_account_url: Your Azure storage URL
+    - container_name: Container name
+    - blob_name: Full blob name including path (e.g., "uploads/2024/file.pdf")
+    - file: The new file content
+    - managed_identity_client_id: Optional client ID for user-assigned managed identity
+    """
+    content = await file.read()
+
+    update_data = StorageFileUpdateControllerWriteDto(
+        storage_account_url=storage_account_url,
+        container_name=container_name,
+        blob_name=blob_name,
+        file_content=content,
+        content_type=file.content_type,
+        managed_identity_client_id=managed_identity_client_id
+    )
+
+    return StorageService.update_file(data=update_data)
+
+
+@storage_router.delete("/delete", response_model=Respons[StorageFileDeleteControllerReadDto])
+async def delete_file(data: StorageFileDeleteControllerWriteDto):
+    """
+    Delete a file from Azure Storage.
+
+    Example request body:
+    {
+        "storage_account_url": "https://myaccount.blob.core.windows.net",
+        "container_name": "my-container",
+        "blob_name": "uploads/2024/file.pdf",
+        "managed_identity_client_id": "your-client-id"  // optional
+    }
+    """
+    return StorageService.delete_file(data=data)
+
+
+@storage_router.delete("/delete-multiple", response_model=Respons[StorageFileDeleteControllerReadDto])
+async def delete_multiple_files(
+    storage_account_url: str,
+    container_name: str,
+    blob_names: List[str],
+    managed_identity_client_id: str = None
+):
+    """
+    Delete multiple files from Azure Storage.
+
+    Example request body:
+    {
+        "storage_account_url": "https://myaccount.blob.core.windows.net",
+        "container_name": "my-container",
+        "blob_names": ["file1.pdf", "file2.pdf", "folder/file3.jpg"],
+        "managed_identity_client_id": "your-client-id"  // optional
+    }
+    """
+    return StorageService.delete_multiple_files(
+        storage_account_url=storage_account_url,
+        container_name=container_name,
+        blob_names=blob_names,
+        managed_identity_client_id=managed_identity_client_id
+    )
+
+
+@storage_router.post("/download")
+async def download_file(data: StorageFileDownloadControllerWriteDto):
+    """
+    Download a file from Azure Storage.
+
+    Returns the file as a streaming response.
+
+    Example request body:
+    {
+        "storage_account_url": "https://myaccount.blob.core.windows.net",
+        "container_name": "my-container",
+        "blob_name": "uploads/2024/file.pdf",
+        "managed_identity_client_id": "your-client-id"  // optional
+    }
+    """
+    result = StorageService.download_file(data=data)
+
+    if not result.success:
+        return result
+
+    file_data = result.data[0]
+
+    # Return as streaming response
+    return StreamingResponse(
+        BytesIO(file_data.content),
+        media_type=file_data.content_type or "application/octet-stream",
+        headers={
+            "Content-Disposition": f"attachment; filename={data.blob_name.split('/')[-1]}"
+        }
+    )
+
+
+@storage_router.post("/get-url", response_model=Respons[StorageFileUrlControllerReadDto])
+async def get_file_url(data: StorageFileUrlControllerWriteDto):
+    """
+    Generate a presigned URL for a file.
+
+    Example request body:
+    {
+        "storage_account_url": "https://myaccount.blob.core.windows.net",
+        "container_name": "my-container",
+        "blob_name": "uploads/2024/file.pdf",
+        "expiry_hours": 2,
+        "managed_identity_client_id": "your-client-id"  // optional
+    }
+    """
+    return StorageService.get_file_url(data=data)