Skip to content

Modules Overview

Scion provides 11 production-ready, copy-paste Go modules. Each module is self-contained. Modules are standard-library only by default; declared security exceptions are marked in the registry.

Available Modules

ModuleDescriptionSecurity Features
AuthJWT email/password auth + bcryptRate limiting, user enumeration prevention, JTI
CRUDGeneric CRUD with paginationSort/filter whitelist, SQL injection prevention
MiddlewareRecovery, CORS, logging, timeoutCRLF injection prevention, body size limit
RBACRole-based access controlWildcard permissions, cycle detection
Rate LimitFixed/sliding window, token bucketMemory exhaustion protection, LRU eviction
ValidationChainable request validationRegex DoS prevention, null byte rejection
File UploadSecure file upload handlerMagic bytes validation, path traversal prevention
HealthLiveness/readiness probesSSRF protection, CRLF injection prevention
CacheTTL + LRU in-memory cacheBackground cleanup, max entries limit
PaginationOffset/cursor paginationCursor base64 validation, max limit enforcement
MailSMTP email with templatesHeader injection prevention, XSS escaping

Quick Copy

bash
# Copy a module into your project
cp -r registry/<module>/src/go/* yourproject/internal/<module>/

Module Structure

Each module follows this structure:

registry/<module>/
├── src/go/
│   ├── go.mod              # module <name>, go 1.22
│   ├── config.go           # Options struct, Defaults(), FromEnv()
│   ├── handler.go          # HTTP handlers
│   ├── <core>.go           # Core logic
│   ├── <core>_test.go      # Functional tests
│   └── pentest_test.go     # Penetration test cases
├── README.md               # Human-readable adaptation guide
└── __llms__.md             # AI-readable summary (~150 tokens)

Testing

Every module includes functional tests and penetration test cases:

bash
cd registry/<module>/src/go
go test -v ./...

Dependencies

Modules use only the Go standard library by default. Declared exceptions, such as auth, copy their own go.mod in standalone mode.

Released under the MIT License.