docs(storage): document presigned URL upload endpoints introduced in PR #129

[coderabbitai]

Summary

PR #129 (#129) replaced the server-proxied upload flow with a presigned URL three-step architecture and added two new public REST endpoints. Neither of the existing documentation files was updated as part of that PR.

Files to Update

• mintlify/docs/guides/storage.mdx

What Needs to Be Documented

New endpoints

POST /api/storage/upload-request

• Request body: { filename, contentType, size }
• Response: { signedUrl, token, filePath }
• Notes: Enforces 10 MB max, performs quota headroom check without charging.

POST /api/storage/upload-confirm

• Request body: { filePath, size }
• Response: { url, provider } (or a warning when public URL is unavailable for external providers)
• Notes: Verifies the object exists in storage, size matches declared size, then charges quota atomically.

Three-step upload flow

1. Client calls POST /api/storage/upload-request → receives signedUrl, token, filePath.
2. Client uploads binary directly to storage via PUT signedUrl with correct Content-Type header.
3. Client calls POST /api/storage/upload-confirm with filePath and size → receives public url.

S3/R2 CORS requirement

S3/R2 buckets must have a CORS policy that allows PUT requests from the client's origin. This is a bucket-level configuration and is required for the presigned URL flow to work.

SDK note

SDK users (urbackend-sdk) get this flow transparently — the public upload() method signature is unchanged.

References

• Merged PR: feat(storage): replace proxy upload with presigned URL architecture #129
• Requested by: @yash-pouranik
• Related comment: feat(storage): replace proxy upload with presigned URL architecture #129