Deprecate Authenticator.db, Spawner.db

These objects should not access the shared db session;
add a warning pointing to Issue about their removal if it is accessed

jupyterhub/auth.py

@@ -10,6 +10,7 @@ from concurrent.futures import ThreadPoolExecutor
 from functools import partial
 from shutil import which
 from subprocess import PIPE, STDOUT, Popen
+from textwrap import dedent
 
 try:
     import pamela
@@ -31,6 +32,23 @@ class Authenticator(LoggingConfigurable):
 
     db = Any()
 
+    @default("db")
+    def _deprecated_db(self):
+        self.log.warning(
+            dedent(
+                """
+                The shared database session at Authenticator.db is deprecated, and will be removed.
+                Please manage your own database and connections.
+
+                Contact JupyterHub at https://github.com/jupyterhub/jupyterhub/issues/3700
+                if you have questions or ideas about direct database needs for your Authenticator.
+                """
+            ),
+        )
+        return self._deprecated_db_session
+
+    _deprecated_db_session = Any()
+
     enable_auth_state = Bool(
         False,
         config=True,