private function resolveUser(Guard $guard)
{
// if we're logging in using remember token
// then we must resolve user „manually”
// to prevent csrf token regeneration
$usingSession = $guard instanceof SessionGuard;
$recaller = $usingSession ? $guard->getRequest()->cookies->get($guard->getRecallerName()) : null;
if ($usingSession && !is_null($recaller)) {
list($id, $token) = explode('|', $recaller);
return $guard->getProvider()->retrieveByToken($id, $token);
} else {
return $guard->user();
}
}
