Merge pull request #3917 from matrix-org/dbkr/complete_security_detect_success

Only say the session is verified if it is now verified

src/components/structures/auth/CompleteSecurity.js

@@ -44,9 +44,12 @@ export default class CompleteSecurity extends React.Component {
             await accessSecretStorage(async () => {
                 await cli.checkOwnCrossSigningTrust();
             });
-            this.setState({
-                phase: PHASE_DONE,
-            });
+
+            if (cli.getCrossSigningId()) {
+                this.setState({
+                    phase: PHASE_DONE,
+                });
+            }
         } catch (e) {
             // this will throw if the user hits cancel, so ignore
         }