package hwsauth

import (
	"fmt"
	"net/url"
)

// IgnorePaths excludes specified paths from authentication middleware.
// Paths must be valid URL paths (relative paths without scheme or host).
//
// Example:
//
//	auth.IgnorePaths("/", "/login", "/register", "/public", "/static")
//
// Returns an error if any path is invalid.
func (auth *Authenticator[T, TX]) IgnorePaths(paths ...string) error {
	for _, path := range paths {
		u, err := url.Parse(path)
		valid := err == nil &&
			u.Scheme == "" &&
			u.Host == "" &&
			u.RawQuery == "" &&
			u.Fragment == ""
		if !valid {
			return fmt.Errorf("Invalid path: '%s'", path)
		}
	}
	auth.ignoredPaths = paths
	return nil
}