skip verify authenticity token for helpscout

Co-authored-by: LeSim <mail@simon.lehericey.net>

app/controllers/webhook_controller.rb

@@ -1,5 +1,6 @@
 class WebhookController < ActionController::Base
   before_action :verify_signature!, only: :helpscout
+  skip_before_action :verify_authenticity_token
 
   def helpscout
     email = params[:customer][:email].downcase

spec/controllers/webhook_controller_spec.rb

@@ -1,10 +1,19 @@
 describe WebhookController, type: :controller do
   describe '#helpscout' do
-    before { allow(controller).to receive(:verify_signature!).and_return(true) }
+    before do
+      allow(controller).to receive(:verify_signature!).and_return(true)
+      allow(controller).to receive(:verify_authenticity_token)
+    end
 
     subject(:response) { get :helpscout, params: { customer: { email: customer_email } } }
 
     let(:payload) { JSON.parse(subject.body) }
+    let(:customer_email) { 'a-user@exemple.fr' }
+
+    it "doesn't verify authenticity token" do
+      subject
+      expect(controller).not_to have_received(:verify_authenticity_token)
+    end
 
     context 'when there is no matching user' do
       let(:customer_email) { 'not-a-user@exemple.fr' }