How to create users and define their permissions in MongoDB? [duplicate] - javascript

This question already has answers here:
How to secure MongoDB with username and password
(20 answers)
Closed 3 years ago.
If you want to add authentication to a MongoDB database to allow only allowed users to access it with specific rights allowed to each. How to get started?

Here is how one can create their first user and attach them to admin role.
While creating a user add the third argument as an array of role names. See the following done in shell:
sudo mongod --auth
In new terminal run the following:
mongo
use admin
db.createUser({user: "myname", pwd: "mypass", roles: ["userAdminAnyDatabase"]})
User then can log in with their credentials that we just registered with the following expression:
db.auth("myname", "mypass")
Alternatively ypu can use the following method to log in:
mongo -u myname -p mypass --authenticationDatabase admin
If you want to create a user to have access to just one particular database the follow this expression:
Go into the database
use mydb
Create user and assign a role
db.createUser({user: "yourname", pwd: "yourpass", roles: ["readWrite"]})
Now logout from first admin user
db.logout()
Login with the new user
mongo -u yourname -p yourpass --authenticationDatabase mydb
Get into the mydb database
use mydb
Then you can perform read and write operations on mydb database
db.mycollection.insertOne({name: "Vinit Khandelwal"})
Here is a bonus: Update user roles and database access
Logout and login with admin of admin database
Get into mydb database
Then run the following:
db.updateUser("mydb", {roles: ["readWrite", {role: "readWrite", db: "yourdb"}]})
This gives the user a readWrite access to mydb as well as to yourdb database

Related

ER_NOT_SUPPORTED_AUTH_MODE - MySQL server

Failed at Connecting Node.js Server to MySQL-Database
       
I had MariaDB" installed on a "Node.js Server", but decided that I wanted to use a SQL Database instead. I uninstalled, and completely removed "MariaDB", after which, I proceeded to install the "Community Ed." "MySQL Database". After going through the entire *'MySQL Setup Process'**, I made several attempts to connect to the database via a JavaScript document that implemented the de facto code snippet for a JS DB Connection — my DB-connection document is posted as a code snippet bellow — shown in the code snippet bellow. Disappointingly, the JS/SQL connection failed at each attempt.
Here is the Failed Connection Error Message that I received:
"ER_NOT_SUPPORTED_AUTH_MODE: Client does not support authentication
protocol requested by server. Consider upgrading MariaDB client."
JS/SQL Connection Snippet that I am using:
var mysql = require('mysql');
var connection = mysql.createConnection({
host : 'localhost',
user : 'root',
password : '********',
database : 'foobarDb'
});
For MySQL v8.0 use the following:
ALTER USER 'root'#'localhost' IDENTIFIED WITH mysql_native_password BY 'password'
You need to reconfigure the Quick Action Settings by clicking the "Reconfigure Link" as shown in the screenshot below. From there, select "Legacy password" for v5.1.
The cause of the error:
You installed the latest "MySQL Version", v8.0. The latest version has a different encryption plugin for authenticating users at login. 5.6, and 5.1 revert to the prior encryption algorithms. Please note, 5.6 & 5.1 have several security vulnerabilities reported by oracle.
The top-rated answers in this Q/A thread are for the most part valid, but they are unorganized, which is to say the least. A solution is here, however, the solution is bits and pieces amongst three other answers. To offer an answer that is a single solution, more helpfull, and is a time saver, I'll make an attempt to write an answer myself in a way that is clear, concise, and orderly. I will cover the whole problem that Ubuntu users experiance, and in addition, I will add information that's helpfull, and not included in any other answer, that will help readers understand the issue that persist for them.
To Start: The Issue is not a SQL Problem, it is an Ubuntu Problem
The issue that persist for you, has to do with the fact (a fact most software developers/I.T. professionals are probably all already aware of) the 'ROOT' user doesn't have a password in Ubuntu, and is accessible by anyone with $ sudo privileges. To offer clarity for anyone experiencing this issue who might be new to some of the semantics that I am throwing out there; Ubuntu users use the sudo -i command to register as the Root-user, whereas, every other Linux distribution in existence uses a User-ID w/ a Password. In truth, I cannot remember ever needing to be a ROOT user for anything other than Database Management, and always only when I am first installing a Database to a server, though my experience is probably far limited in comparison to some IT professionals out there. My point is, typically using sudo for everything does the Job, but in this case it is problematic, so the important thing to note is the following:
PROBLEM:
Ubuntu lacks a 'ROOT PASSWORD' and this is why everyone experiencing the issue that we are discussing runs a Distribution of the Ubuntu OS/SHELL. And unless we rewrite the Ubuntu kernel, and the practically everything else in the operating system, we cannot give Ubuntu SHELL a "root password".
SOLUTION:
We may not be able to give the Ubuntu SHELL a root password, but we can, and we will, give MySQL a 'ROOT PASSWORD'.
TO EXECUTE THE SOLUTION YOU NEED TO HAVE THE FOLLOWING:
Node.js v12+
NPM (Probably need v5+ but don't quote me on that)
MySQL v8.0+ (obviously)
The MySQL Driver (from npm)
CONFIRMATION:
If you don't already have everything on the list you honestly can't say that this is the issue your dealing with.
If you do have everything on the list
and you are running an Ubuntu distro, then you should be getting an error message that probably looks somthing like the one I got when I had to fix this issue.
My error message read:
ERROR: (28000): Access denied for user 'ajc'#'localhost'
ERROR: ERROR_NOT_SUPPORTED_AUTH_MODE: Client does not support
authentication protocol requested by server; consider upgrading
MySQL client
'Client does not support authentication protocol requested by server; consider upgrading MySQL client
If your still reading then your likely in the right place.
To start fixing the problem create an empty Node.js project, and install the MySQL driver as a dependency to it using NPM (you should know how to do this, as you had to do that to have this issue). Add a JavaScript .js file. Call the file, sqltest.js or whatever something like that.
Add the code below to the file you just created.
let mysql = require('mysql');
let connection = mysql.createConnection({
host : 'localhost',
user : 'root',
password : '********',
database : 'DB_App_00',
});
connection.connect(function(err) {
if (err) {
return console.error('error: ' + err.message);
}
console.log('Connected to the MySQL server.');
});
In the method called 'createConnection' is a JSON OBJ parameter holding the credential values to make a valid connection to the MySQL database server. The user has to equal to 'root', and the database has to exist. Also for a later test add a testing table to the database, with some BS data."
Now open a terminal window, and do your typical updates & upgrades, this is important, which is why every tutorial asks you to do them.
~$: sudo apt update
~$: sudo apt upgrade
After you do your upgrades enter the following command into your terminal:
~$: sudo mysql -u root
It should prompt you for your Ubuntu Password, type it and [ENTER].
The next step is critically important:
Now here is the step that could be considered the medicine and/or the cure to the problem. Your terminal should be open, and you should be inside of the MYSQL Server, under the user 'root'. The terminal should have the cursor flashing at a blank mysql command-line. Within the CMDL copy & paste this:
mysql> ALTER USER 'root'#'localhost' IDENTIFIED WITH mysql_native_password BY 'ChoosePassword';
mysql> FLUSH PRIVILEGES;
The next part is obvious, change 'ChoosePassword' to a password you will remember while leaving the password within single quotation marks. Change absolutely nothing else, press [ENTER]
If you followed the steps correctly, you now have a MySQL 'ROOT USER' with its own password now. Test it by copy and paste the following at the Ubuntu CMDL:
~$: mysql -u root -p
It will prompt you for your new password, type it and [ENTER]
...you should be in, now exit.
mysql>exit
Back to your 'testsql.js' file, alter the credentials to root for the user, password to your password, a valid database, and host to localhost, unless you have a unique need for a different hostname.
let connection = mysql.createConnection({
host : 'localhost',
user : 'root',
password : '********',
database : 'DB_App_00',
});
now use node to run the node test file
~$: node testsql.js
Final Thought:
If it doesn't say connected you did something wrong, but if all went well, you should connect. It took some effort before I got it to work, but this answer should save you some time from reading all the other half written answers.
You can use the package mysql2 instead of mysql. I ran into the same issue and using mysql2 worked for me.
You can install this package using npm i mysql2
You can either alter an existing user to use mysql_native_password, or create a new user,
CREATE USER 'new_user'#'%' IDENTIFIED WITH mysql_native_password BY '***';
GRANT USAGE ON *.* TO 'new_user'#'%';
ALTER USER 'new_user'#'%' REQUIRE NONE WITH MAX_QUERIES_PER_HOUR 0 MAX_CONNECTIONS_PER_HOUR 0 MAX_UPDATES_PER_HOUR 0 MAX_USER_CONNECTIONS 0;
GRANT ALL PRIVILEGES ON `new_user`.* TO 'new_user'#'%';
FLUSH PRIVILEGES;
replace new_user with your new user name, and set your password.
Now you can access mysql from node using the mysql package,
npm install mysql
recommended to use pool connection for this package.
I figure that some MySQL versions have the authentication for the establishment of a connection a bit messed up. All I had to do was add the line "insecureAuth" : true to the CreateConnection(...) credentials.
var connection = mysql.createConnection({
host : 'localhost',
user : 'root',
password : '********',
database : 'vod_bill_database',
insecureAuth : true
});
The error is gone now, and the client is successfully connecting.
1st run this code ->
ALTER USER 'root'#'localhost' IDENTIFIED WITH mysql_native_password BY 'password';
2nd
flush privileges;
try the older version of mysql like 5.6.40, it uses by default SHA256_password auth where new version 8.0. uses by default sha2_password auth which is more secure and throw this authentication protocol error.
MYSQL installer 5.6.40
yellow yow bros !
// mysql.ts
const pool = mysql.createPool({
connectionLimit: 10,
host: "localhost",
user: "root",
password: "password",
database: "rest-resume-api",
});
and then I have a docker-compose file such as
# docker-compose.yml
version: '3.3'
services:
db:
image: mysql
restart: always
command: --default-authentication-plugin=mysql_native_password
environment:
MYSQL_DATABASE: 'rest-resume-api'
MYSQL_USER: 'root'
MYSQL_ROOT_PASSWORD: 'password'
ports:
- '3306:3306'
expose:
- '3306'
volumes:
- my-db:/var/lib/mysql2
volumes:
my-db:
you can do it
ALTER USER 'root'#'localhost' IDENTIFIED WITH mysql_native_password BY 'password'
ALTER USER 'root'#'%' IDENTIFIED WITH mysql_native_password BY 'password'
FLUSH PRIVILEGES;
check mysql root user IDENTIFIED
select user,host,plugin from user;
+------------------+-----------+-----------------------+
| user | host | plugin |
+------------------+-----------+-----------------------+
| root | % | mysql_native_password |
| mysql.infoschema | localhost | caching_sha2_password |
| mysql.session | localhost | caching_sha2_password |
| mysql.sys | localhost | caching_sha2_password |
| root | localhost | mysql_native_password |
+------------------+-----------+-----------------------+
var connection = mysql.createConnection({
host : 'localhost',
user : 'root',
password : '********',
database : 'vod_bill_database',
port : 3308
});
I had the same error and since i changed my port in phpmyadmin from 3306 to 3308 therefore here also i had to write port: 3308 and it started working.
in order to overcome this error use the following code:
var connectionString = 'mysql://*root:*password#*localhost/*database?charset=utf8_general_ci&timezone=-0700';
var connection= mysql.createConnection(connectionString);
but make sure that you changed the * marks in the connectionString based on your setup.
just create a new user on MySQL
CREATE USER 'foo'#'localhost' IDENTIFIED WITH mysql_native_password BY 'bar';

How do I allow the node pg module communicate with my Windows postgresql server?

I have a node server on localhost. In it is the pg module:
//above is express requires
var pg = require('pg');
var client = new pg.Client();
client.connect((err)=>{
if(err) throw err;
client.end((err)=>{
if(err) throw err;
});
})
//below is basic express server stuff
I have, I believe, a postgresql server running on windows. I have pgadmin open, there is a localhost:5432 section, and inside is a "test" database I have created.
My node server currently throws:
error: password authentication fails for user 'myname'
I do not understand how I can, either in postgresql's Windows client, set default username/password that is then added to environment variables, or, in Windows add the proper environment variable key/value pairs that the node pg module expects so it can login, or, tell the node pg module how to login to postgresql, or, whether I am even going down the right path at all.
How can I allow my node pg module to connect to my localhost postgresql server?
EDIT: I tried to follow the instructions in this SO answer, however I would always recieve "access denied" errors no matter where I pointed the db creation to, whether I used cmd or powershell in admin or no, and no matter the permissions I set for files. I'm now primarily interacting with postgresql through the pgadmin III GUI.
EDIT2: I tried modifying the pg initialization by doing:
var connectstring = 'postgres://me:password#localhost/dbname';
var client = new pg.Client(connectstring);
I received the same error, using the same exact login details I was prompted with by pgadmin III.
EDIT3: According to these docs, I should possibly have that list of environment variables? If not, where can I find this information so I can manually set these environment variables? Is this the right path to go down?
Use:
var pg = require('pg');
var config = {
user: 'foo',
database: 'my_db',
password: 'secret',
port: 5432
};
var pool = new pg.Pool(config);

Node.js: accessing mysql database

I am writing a Node.js application. In my node-modules/abc/static/example.js file, I want to access the mysql records by querying to the database. Is it possible to do so?
When I include mysql like this:
var mysql = require('mysql');
I get an error:
Uncaught ReferenceError: require is not defined
Is it because it is on client side? What are the other options to access mysql database from the 'example.js' file?
I'm going to guess that you're attempting to use server side js in the client side.
You need to npm install a mysql adapter, #coreyg suggested this one (https://www.npmjs.com/package/mysql).
Set up a nodejs project (if you have not already done so):
npm init
npm install --save mysql
You would then typically create some sort of webapp that would serve up a url in the client side. You'd then (using ajax) request the url.
Behind the scenes your webapp then would query the mysql database (using the adaptor you installed) with whatever query you had in mind.
Once your ajax call had finished you'd run your callback which would do what you wanted with the data that had been returned from the database.
Thats the basic theory. If you want further information on how to do this I'd suggest reading this question: How do I get started with Node.js
Following on Neil Munro's Answer,
after initiating nodejs and installing mysql npm package,
you can actually execute your code from the terminal. to do that,
you can create a new js file on the same folder you are executing those commands,
say mysqlTestProject.js
inside this file, you can put what you had previously, (require stuff and all). for example:
var mysql = require('mysql');
var connection = mysql.createConnection({
host : 'localhost',
user : 'me',
password : 'secret',
database : 'my_db'
});
connection.connect();
connection.query('SELECT 1 + 1 AS solution', function(err, rows, fields) {
if (err) throw err;
console.log('The solution is: ', rows[0].solution);
});
connection.end();
`` codes were taken from https://www.npmjs.com/package/mysql
and then from the terminal (still on the same folder as you were),
type in this line
node ./mysqlTestProject.js

How to authenticate to connect to database in Postgres?

I'm trying to connect to a postgres database from outside the psql command line (so before doing sudo -u postgres psql) but it seems that I'm not able to pass authentication. Here's the error after I try to run a script that connects to that database from the command line:
error: password authentication failed for user "bobby"
"bobby" is my Operating System user name, I noticed that the postgres database contains a superuser called postgres though
I'm new to all this postgres stuff so I'm a bit confused why it's trying to authenticate using my OS user name rather than my psql user name, or rather how I would go about authenticating using the psql user name rather than my OS user name because I know they're separate from each other.
Any help would be appreciated. Thanks in advance.
You need to add your system user name to posgres database
$ psql -d template1 -U postgres
template1=# CREATE USER bobby WITH PASSWORD 'myPassword'
template1=# CREATE DATABASE mydatabase
template1=# GRANT ALL PRIVILEGES ON DATABASE mydatabase to bobby
Done and quit
Then you can access the database with
bobby=#psql mydatabase

Update and or fix the schema of an AppFog Database

I created an app in NodeJS using ExpressJS, I hosted my app on AppFog and it works, however, I made a few update on my local version, now I'd like to update my App on AppFog but I got a problem, because I updated my models in local and now, I can't update my AppFog database...
What am I suppose to do? Delete the App and Update again? I'll lost all my data in my database...
Logs:
Error: ER_BAD_FIELD_ERROR: Unknown column 'tags' in 'field list'
First export the database to keep a backup just in case this does not go as expected.
af apps to get the db service name for the app
af export-service [service-name] to get a download url of a backup
Next tunnel the service to your local box. Note this can be a little finicky so give it a few tries if needed.
af tunnel [service-name]
Pick the connection option you need. Option "none" will output credentials that can be used with your favorite db tool. Setup a db connection to localhost port 10000 and use the dbname, username, and password provided. Option "mysql" will automatically connect to the db with the mysql cli. Closing the terminal window or exiting af tunnel command will drop the local tunnel so keep it running while making changes. More on af tunnel here.
1: none <- this will let you connect using sequel pro
2: mysql <- to make manual tweeks
3: mysqldump
Finally repair the database structure as needed to get your app working and then update the app.
Additionally, in the future you might what to use an ORM like Sequelize which has non-destructive db migrations that can be run when the app starts up after an af update
Somewhere early in your startup file:
// Sudo code. see af online docs on how to get the bound service creds
if (process.env.NODE_ENV == "production") {
var sequelize = new Sequelize(appfog.dbname, appfog.username, appfog.password, ...)
var migratorOptions = { path: process.cwd() + '/migrations' };
var migrator = sequelize.getMigrator(migratorOptions);
migrator.migrate();
}

Categories