MongoDB添加用户认证

1、mongodb添加用户认证

  mongodb默认是不添加用户认证的，但是出于对数据安全的考虑还是需要添加用户认证。先来展示一下有用户和无用户的情况：

mongo 10.10.16.228:27017  #无用户可直接登录，默认可以不用添加ip和端口号
mongo -uadmin -p'aqMkDuYbRAvfgJk' 10.10.16.228:27017/admin   #有用户需要加上用户名和密码

  下面开始创建admin这个库的管理者并设置密码：（该账号需要有grant权限，即：账号管理的授权权限。注意一点，帐号是跟着库走的，所以在指定库里授权，必须也在指定库里验证(auth)。）

mongo 127.0.0.1:27017
MongoDB shell version v4.0.4
connecting to: mongodb://127.0.0.1:27017/test
Implicit session: session { "id" : UUID("b267a3ff-196a-4bb7-9d1f-167940f3b764") }
MongoDB server version: 4.0.4
Welcome to the MongoDB shell.
For interactive help, type "help".
For more comprehensive documentation, see
    http://docs.mongodb.org/
Questions? Try the support group
    http://groups.google.com/group/mongodb-user
2018-12-25T09:21:22.807+0800 I CONTROL  [initandlisten] 
> show dbs
admin   0.000GB
config  0.000GB
local   0.000GB
> use admin  
switched to db admin
> db.createUser( { user:'Admin', pwd:'aqMkDuYbRAvfgJk', roles:["root"] } );   #为admin这个库创建Admin用户，密码是aqMkDuYbRAvfgJk 权限（roles）是root
Successfully added user: { "user" : "Admin", "roles" : [ "root" ] }
> use wyy
switched to db wyy  #创建wyy库
> db.createUser( { user:'wyy', pwd:'wyy123', roles:["readWrite"] } );
Successfully added user: { "user" : "wyy", "roles" : [ "readWrite" ] }  #单独为这个库授权认证用户
> 
> show users
{
    "_id" : "wyy.wyy",
    "user" : "wyy",
    "db" : "wyy",
    "roles" : [
        {
            "role" : "readWrite",
            "db" : "wyy"
        }
    ],
    "mechanisms" : [
        "SCRAM-SHA-1",
        "SCRAM-SHA-256"
    ]
}
> use admin
switched to db admin 
> show collections
system.indexes
system.users
system.version
> show users
{
    "_id" : "admin.Admin",
    "user" : "dbAdmin",
    "db" : "admin",
    "roles" : [
        {
            "role" : "root",
            "db" : "admin"
        }
    ]
}
# 至此mongo添加用户认证完成

2、用户认证验证

mongo -uAdmin -p'aqMkDuYbRAvfgJk' 127.0.0.1:27017/admin  #登录admin库
mongo -u wyy -p'wyy123' 127.0.0.1:27017/wyy  #登录wyy库
> show dbs
admin    0.078GB
wyy  0.078GB
local    0.078GB
> db.wyy.insert(
   { name: "王二哈", age: 22, tags: ["IT"], scrb: { h: 172, w: 65, sex: "man" } }
   )
> show dbs
admin    0.078GB
local    0.078GB
wyy      0.078GB
> db.wyy.find({})
{ "_id" : ObjectId("5c218e510922ab5fc154426d"), "name" : "王二哈", "age" : 22, "tags" : [ "IT" ], "scrb" : { "h" : 172, "w" : 65, "sex" : "man" } }
MongoDB中默认的数据库为test，如果你没有创建新的数据库，集合将存放在test数据库中。

   登录admin库使用用户名和密码进行验证

> show dbs
admin   0.000GB
config  0.000GB
local   0.000GB
wyy     0.000GB
> use admin
switched to db admin
> db.auth("Admin","aqMkDuYbRAvfgJk");
1  #1代表通过
> db.auth("Admin","aqMkDuY");
Error: Authentication failed.
0
> use wyy
switched to db wyy
> db.auth("wyy","wyy123");
1