Fix redirect logic for pages that require authentication

Bug description:

1. let the user be logged in
2. the user hits refresh on a private page (that requires authentication), or arrives at it by url - so no global state has been loaded
3. the check for verified identity redirects the user to the identity verification page, which defaults to /ensure-verified-login
4. Global currentUser is loaded and identity verification page the verified status of currentUser and redirects to a default page (/)
5. Result: the user was arbitrarily redirected to a page he didn't request, e.g. user may hit refresh on his profile page, and is redirected to the homepage

Fix:

• do not perform identity verification check unless currentUser has been loaded