2

I have a Node.js program which uses MongoDB as its dbs, which looks something like this:

show dbs
  test
  eas
use eas
show collections
  nodeurls
  nodes
  users

At this stage, everyone can access mongo shell and look at all the collections and the data in them. However, I want to add in authentication, so that someone will first have to authenticate against the mongo shell, and then will be able to view the mongo db data.

I have found this: https://docs.mongodb.com/manual/core/authentication/

And I have tried to use the db.auth() method; however, I do not understand how this fully works.

I assume I first have to create a user (I will only want one user for the db mongo shell) and then the user will need to authenticate?

Any help on this would be appreciated!

1 Answer

1

For this point

However, I want to add in authentication, so that someone will first have to authenticate against the mongo shell, and then will be able to view the mongo db data.

As per the doc here I created the username/password authentication the following way.

Created the user this way in admin db.

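// Run in the admin database (use admin). The method name is case-sensitive,
// and createUser takes the password in "pwd"; the database comes from "use".
db.createUser({
  "user" : "sfk",
  "pwd" : "sfk",
  "roles" : [
          {
                  "role" : "root",
                  "db" : "admin"
          }]
})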

Because of this the authentication applies to all databases. So show dbs, show collections in any database will work.

The way to connect shell is,

Start mongod with the parameter auth

C:\MongoDB\Server\3.2\bin\mongod.exe --auth --port 27017

Then open mongo shell with authentication

C:\MongoDB\Server\3.2\bin\mongo.exe --port 27017 -u "sfk" -p "sfk" --authenticationDatabase "admin"

where u - username, p - password

Now we can issue any commands on any database.

We can also authenticate users for specific databases as shown in the docs.

db.createUser(
  {
    user: "reportsUser",
    pwd: "12345678",
    roles: [
       { role: "read", db: "reporting" },
       { role: "read", db: "products" },
       { role: "read", db: "sales" },
       { role: "readWrite", db: "accounts" }
    ]
  }
)

To use db.auth

Start the mongo shell without authentication. Then move to the admin db.

use admin
db.auth("username", "psw")

Now the user is authenticated.

Please post in comments if any extra detail is required.
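For the Node.js program in the question, the same credentials can be passed in a connection URI, where authSource plays the role of --authenticationDatabase. The sketch below is an added example, not code from the original post; the environment variable names, the easApp user and the sample password are assumptions constructed for illustration.

```javascript
// Added example: build the MongoDB connection URI from environment
// variables so the password is not stored in a config file.
// Variable names (MONGO_USER, ...) are hypothetical, not from the post.
function buildMongoUri(env) {
  const required = ['MONGO_USER', 'MONGO_PASSWORD', 'MONGO_DB'];
  const missing = required.filter((name) => !env[name]);
  if (missing.length > 0) {
    // Fail closed: never fall back to an unauthenticated connection.
    throw new Error('missing environment variables: ' + missing.join(', '));
  }
  const host = env.MONGO_HOST || 'localhost';
  const port = env.MONGO_PORT || '27017';
  // A user created in the admin database authenticates against admin,
  // the URI counterpart of --authenticationDatabase "admin".
  const authSource = env.MONGO_AUTH_SOURCE || 'admin';
  // Percent-encode the credentials so characters such as @ : /
  // cannot change how the URI is parsed.
  const user = encodeURIComponent(env.MONGO_USER);
  const pass = encodeURIComponent(env.MONGO_PASSWORD);
  return 'mongodb://' + user + ':' + pass + '@' + host + ':' + port + '/' +
    encodeURIComponent(env.MONGO_DB) +
    '?authSource=' + encodeURIComponent(authSource);
}

// Returns the same URI with the password masked, safe to write to logs.
function redactMongoUri(uri) {
  return uri.replace(/^(mongodb(?:\+srv)?:\/\/[^:@\/]+):[^@\/]*@/, '$1:***@');
}

// Constructed sample values; a real program would pass process.env.
const sampleEnv = {
  MONGO_USER: 'easApp',
  MONGO_PASSWORD: 'p@ss:w/rd',
  MONGO_DB: 'eas'
};
const uri = buildMongoUri(sampleEnv);
// Hand `uri` to the driver's connect call; log only the redacted form.
console.log(redactMongoUri(uri));
```
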


3 Comments

I have applied the above, and have a Node.js program where my dbs url is stored in a config file: module.exports = { 'url' : 'mongodb://testuser:testing@localhost/mydbs' }; This works; however, is there a way to hash this password?
If this answers the question, please consider accepting the answer if you feel
use admin is the secret step they don't bother to tell you on the official documentation... thanks!
