Looks secure enough to me.
Is the entire page supposed to be secure or just a portion of the content. At any rate, if you’re not outputting the content then there isn’t any way for the person to see it. If the person is not supposed to access the page at all I would probably redirect them to a different page. Also, you can probably just use get_current_user_id() https://developer.wordpress.org/reference/functions/get_current_user_id/ would save you a line of code.
