If a user uses a token at login time, we need to make sure they continue
to use the token at unlock time.
As a prerequisite for addressing that problem we need to know up front
if a user logged in with a token at all.
This commit adds the necessary api to detect that case.
8593532801