feat: HMAC verification for web widget (#1643)

* feat: HMAC verification for web widget. Let you verify the authenticated contact via HMAC on the web widget to prevent data tampering.
* Add docs for identity-validation

Co-authored-by: Pranav Raj S <pranav@chatwoot.com>

db/migrate/20210112174124_add_hmac_token_to_inbox.rb

@@ -0,0 +1,15 @@
+class AddHmacTokenToInbox < ActiveRecord::Migration[6.0]
+  def change
+    add_column :channel_web_widgets, :hmac_token, :string
+    add_index :channel_web_widgets, :hmac_token, unique: true
+    set_up_existing_webwidgets
+    add_column :contact_inboxes, :hmac_verified, :boolean, default: false
+  end
+
+  def set_up_existing_webwidgets
+    ::Channel::WebWidget.find_in_batches do |webwidgets_batch|
+      Rails.logger.info "migrated till #{webwidgets_batch.first.id}\n"
+      webwidgets_batch.map(&:regenerate_hmac_token)
+    end
+  end
+end