1. Create and enable login verification by super administrator
If MongoDB wants to enable login verification, a user must be created before enabling login verification, otherwise the database cannot be logged in!
For example, create an administrator user admin, associate it with the admin database, and set the role to root (super administrator)
First, enter the target library admin, use admin
Then, enter the command db.createUser({user:"admin",pwd:"123456",roles:["root"]})
After creating the administrator user, you can enable login authentication, enter the configuration file c:\MongoDB\config\mongodb.conf,
Add auth=true to enable login verification. If you want to enable remote login, you need to add bind_ip=0.0.0.0, and then modify and write to restart the MongoDB service.
After the service is enabled, you can log in as an administrator.
2. Add a common database user
If you want to add a login user to the specified database, you need to switch to the database first, and then create the user. The user needs to bind the database and roles.
Commonly used roles:
read: allows the user to read the specified database
readWrite: allows the user to read and write the specified database
dbAdmin: allows the user to perform administrative functions in the specified database, such as index creation, deletion, viewing statistics or accessing system.profile
userAdmin: allows the user to add to the system.users collection For writing, you can create, delete, and manage the user
clusterAdmin in the specified database: only available in the admin database, giving the user administrative rights to all shard and replication set related functions.
readAnyDatabase: only available in the admin database, giving the user read permission for all databases
readWriteAnyDatabase: only available in the admin database, giving the user read and write permissions for all databases
userAdminAnyDatabase: only available in the admin database, giving the user userAdmin permissions for all databases
dbAdminAnyDatabase : Only available in the admin database, giving the user dbAdmin privileges on all databases.
root: Only available in the admin database. super account, super authority
For example, create a test user with read and write permissions to the test database
First, enter the target library test, use test
然后,输入指令 db.createUser({user:"test",pwd:"123456",roles:[{role:"readWrite",db:"test"}]})
3. View all users
Use the super administrator login to switch to the admin database, view all information of all users through the command db.system.users.find()
, and pass the command db.system.users.find({},{user:1,roles:1,_id :0}) View all user brief information
Fourth, modify the user
4.1 Modify user password
For example, change the password of user test to 123
First, enter the target library test, use test
Then, enter the command db.changeUserPassword("test","123")
4.2 Modify user roles
Add user role
For example, add readWrite permission to user test
First, enter the target library test, use test
Then, enter the command db.grantRolesToUser("test",[{role:"readWrite",db:"test"}])
delete user role
For example, remove the readWrite permission for user test
First, enter the target library test, use test
Then, enter the command db.revokeRolesFromUser("test",[{role:"readWrite",db:"test"}])
5. Delete users
For example, delete user test
First, enter the target library test, use test
Then, enter the command db.dropUser("test")