Add storage utilities and tests for file handling and tokens

Introduced new fixtures and tests for storage functionality, including saving files, generating URLs, and token creation/verification. Refactored `get_storage_provider` into a separate dependency module. Enhanced test coverage for improved reliability.

backend/tests/utils/test_security.py

@@ -0,0 +1,58 @@
+import time
+import pytest
+from app.utils.security import create_upload_token, verify_upload_token
+
+
+def test_upload_token_creation():
+    """Test that upload tokens can be created with expected fields."""
+    file_path = "images/test.jpg"
+    content_type = "image/jpeg"
+
+    token = create_upload_token(file_path, content_type)
+
+    assert token is not None
+    assert isinstance(token, str)
+    assert len(token) > 0
+
+
+def test_upload_token_verification():
+    """Test that created tokens can be verified."""
+    file_path = "images/test.jpg"
+    content_type = "image/jpeg"
+
+    token = create_upload_token(file_path, content_type)
+    payload = verify_upload_token(token)
+
+    assert payload is not None
+    assert payload["path"] == file_path
+    assert payload["content_type"] == content_type
+    assert payload["exp"] > int(time.time())
+
+
+def test_upload_token_expiration():
+    """Test that expired tokens are rejected."""
+    file_path = "images/test.jpg"
+    content_type = "image/jpeg"
+
+    # Create a token that expires in 1 second
+    token = create_upload_token(file_path, content_type, expires_in=1)
+
+    # Wait for it to expire
+    time.sleep(2)
+
+    payload = verify_upload_token(token)
+    assert payload is None
+
+
+def test_upload_token_tampered():
+    """Test that tampered tokens are rejected."""
+    file_path = "images/test.jpg"
+    content_type = "image/jpeg"
+
+    token = create_upload_token(file_path, content_type)
+
+    # Tamper with the token
+    tampered_token = token[:-5] + "XXXXX"
+
+    payload = verify_upload_token(tampered_token)
+    assert payload is None