pymongo >= 3.5: authentication changes

[ghost]

Excerpt from changelog of newly released pymongo version 3.5:

• Username and password can be passed to
  :class:~pymongo.mongo_client.MongoClient as keyword arguments. Before, the
  only way to pass them was in the URI.

And:

Deprecated :meth:~pymongo.database.Database.authenticate. Authenticating multiple users conflicts with support for logical sessions in MongoDB 3.6. To authenticate as multiple users, create multiple instances of :class:~pymongo.mongo_client.MongoClient.

We are currently using this method for authentication. I suggest to use the new authentication for newer versions of pymongo and use the newer for anything >= 3.5. with pymongo 3.6 this needs to be done, otherwise the bot will be broken.

FYI @vince-nayal and @CNCS-PT (authors of the bot)

[ghost]

And further in version 3.6:

Unavoidable breaking changes:

Starting in MongoDB 3.6, the deprecated methods :meth:~pymongo.database.Database.authenticate and :meth:~pymongo.database.Database.logout now invalidate all cursors created prior. Instead of using these methods to change credentials, pass credentials for one user to the :class:~pymongo.mongo_client.MongoClient at construction time, and either grant access to several databases to one user account, or use a distinct client object for each user.

I am not sure if that has an impact on how we use these methods.

[vince-nayal]

Hi,

Sorry, i missed the first notification.

Since I never had to deal with such situation, I am not sure how to do this, do we have to break backward compatibility or is there a way to preserve both methods ?

[ghost]

@vince-nayal
Using pymongo.version you can differentiate between the versions. I.e. do pymongo.version.split('.') < ['3', '5']

[ghost]

I fixed this now based on the documentation. If you have time, maybe you can test it?