First, we add an admin account. Navigate to the MongoDB directory on your machine then start the database.
$ ./mongo > use admin > db.addUser(adminuser, adminpassword)Switch to the database of your choice and add users to it.
> use foo > db.addUser(myuser, userpassword)This adds a user
myuser that has read and write access to the database. If we want a user with read-only access, set the third parameter for addUser().
> db.addUser(guest, guestpassword, true)You can check for users with access to a particular database like thus:
> db.system.users.find().pretty()
{
"_id" : ObjectId("4ee9863d954eb7168e07089d"),
"user" : "zarah",
"readOnly" : false,
"pwd" : "70581bfb1e32e2286df11fe119addc7a"
}
{
"_id" : ObjectId("4ee98658954eb7168e07089e"),
"user" : "guest",
"readOnly" : true,
"pwd" : "88558f1ece63fa0b528012b9840bd9de"
}
Now stop the MongoDB server and restart it with authentication enabled.
$ ./mongod --auth > mongo foo -u myuser -p userpasswordwhere
foo is the database that myuser has access to.
You can now read and write into database
foo. Notice however that querying for databases would result to an error:> show dbs
Mon Dec 19 17:21:20 uncaught exception: listDatabases failed:{ "errmsg" : "need to login", "ok" : 0 }
Exit MongoDB and login again, this time using the read-only account. If we try inserting a document, an error should appear:
> db.foo.insert({"title","MongoDB Authentication Test"})
unauthorized
The read-only account can query for collections and use find() and its variations. It can't, however, query for databases.
