package hwsauth

import (
	"fmt"
	"net/url"

	"github.com/gobwas/glob"
)

// IgnorePaths excludes specified paths from authentication middleware.
// Paths must be valid URL paths (relative paths without scheme or host).
//
// Example:
//
//	auth.IgnorePaths("/", "/login", "/register", "/public", "/static")
//
// Returns an error if any path is invalid.
func (auth *Authenticator[T, TX]) IgnorePaths(paths ...string) error {
	for _, path := range paths {
		u, err := url.Parse(path)
		valid := err == nil &&
			u.Scheme == "" &&
			u.Host == "" &&
			u.RawQuery == "" &&
			u.Fragment == ""
		if !valid {
			return fmt.Errorf("invalid path: '%s'", path)
		}
	}
	auth.ignoredPaths = prepareGlobs(paths)
	return nil
}

func prepareGlobs(paths []string) []glob.Glob {
	compiledGlobs := make([]glob.Glob, 0, len(paths))
	for _, pattern := range paths {
		g, err := glob.Compile(pattern)
		if err != nil {
			// If pattern fails to compile, skip it
			continue
		}
		compiledGlobs = append(compiledGlobs, g)
	}
	return compiledGlobs
}