没有区别.唯一的区别是，如果用户未通过身份验证，则User.Identity可能为null，因此您可能会获得NRE，而使用第二种方法时，内部会对此进行检查并且更加安全.

There's no difference. The only difference is that if the user is not authenticated User.Identity might be null and thus you might get a NRE, whereas with the second approach, internally there's a check for this and is safer.

Request.IsAuthenticated方法的实现方式如下:

Here's how the Request.IsAuthenticated method is implemented:

public bool IsAuthenticated
{
    get
    {
        return this._context.User != null && 
               this._context.User.Identity != null &&
               this._context.User.Identity.IsAuthenticated;
    }
}

基本上，它比第一个要安全一些.

Basically it's a bit safer than the first one.