docs: add firebase auth and fragments

docs/website/docs/graphql.md

@@ -55,6 +55,30 @@ query {
 }
 ```
 
+### Fragments
+
+Fragments make it easy to build large complex queries with small composible and re-usable fragment blocks.
+
+```graphql
+query {
+  users {
+    ...userFields2
+    ...userFields1
+    picture_url
+  }
+}
+
+fragment userFields1 on user {
+  id
+  email
+}
+
+fragment userFields2 on user {
+  first_name
+  last_name
+}
+```
+
 ### Sorting
 
 To sort or ordering results just use the `order_by` argument. This can be combined with `where`, `search`, etc to build complex queries to fit you needs.

docs/website/docs/intro.md

@@ -4,6 +4,8 @@ title: Introduction
 sidebar_label: Introduction
 ---
 
+import useBaseUrl from '@docusaurus/useBaseUrl'; // Add to the top of the file below the front matter.
+
 Super Graph is a service that instantly and without code gives you a high performance and secure GraphQL API. Your GraphQL queries are auto translated into a single fast SQL query. No more spending weeks or months writing backend API code. Just make the query you need and Super Graph will do the rest.
 
 Super Graph has a rich feature set like integrating with your existing Ruby on Rails apps, joining your DB with data from remote APIs, Role and Attribute based access control, Support for JWT tokens, DB migrations, seeding and a lot more.
@@ -134,3 +136,9 @@ mutation {
   }
 }
 ```
+
+### Built-in GraphQL Editor
+
+Quickly craft and test your queries with a full-featured GraphQL editor. Auto-complete and schema documentation is automatically available.
+
+<img alt="Zipkin Traces" src={useBaseUrl("img/webui.jpg")} />

docs/website/docs/security.md

@@ -95,7 +95,7 @@ auth:
   type: jwt
 
   jwt:
-    # the two providers are 'auth0' and 'none'
+    # valid providers are auth0, firebase and none
     provider: auth0
     secret: abc335bfcfdb04e50db5bb0a4d67ab9
     public_key_file: /secrets/public_key.pem
@@ -108,6 +108,19 @@ We can get the JWT token either from the `authorization` header where we expect
 
 For validation a `secret` or a public key (ecdsa or rsa) is required. When using public keys they have to be in a PEM format file.
 
+### Firebase Auth
+
+```yaml
+auth:
+  type: jwt
+
+  jwt:
+    provider: firebase
+    audience: <firebase-project-id>
+```
+
+Firebase auth also uses JWT the keys are auto-fetched from Google and used according to their documentation mechanism. The `audience` config value needs to be set to your project id and everything else is taken care for you.
+
 ### HTTP Headers
 
 ```yaml

docs/website/docs/webui.md

@@ -0,0 +1,13 @@
+---
+id: webui
+title: Web UI / GraphQL Editor
+sidebar_label: Web UI
+---
+
+import useBaseUrl from '@docusaurus/useBaseUrl'; // Add to the top of the file below the front matter.
+
+<img alt="Zipkin Traces" src={useBaseUrl("img/webui.jpg")} />
+
+Super Graph comes with a build-in GraphQL editor that only runs in development. Use it to craft your queries and copy-paste them into you're app once you're ready. The editor supports auto-completation and schema documentation. This makes it super easy to craft and test your query all in one go without knowing anything about the underlying database structure.
+
+You can even set query variables or http headers as required. To simulate an authenticated user set the http header `"X-USER-ID": 5` to the user id of the user you want to test with.

docs/website/sidebars.js

@@ -3,6 +3,7 @@ module.exports = {
     Docusaurus: [
       "home",
       "intro",
+      "webui",
       "start",
       "why",
       "graphql",