[FIXED] How can I access my MongoDB on my Linode VPS?

Issue

I have a nodejs app running on my Linode VPS, with MongoDB installed. I cannot connected to the database on the same VPS as it gives me 'Unauthorised' error.

SETTING UP THE DB AND USER ON THE VPS

To set up the database on my MongoDB instance I SSH'd into my VPS and entered into the mongo shell:

$ mongo

I then switched to the admin database, and tried to view the users of it. The first stranage thing was it wouldnt let me do that:

use admin
switched to db admin
show users

The error I got was as follows:

2020-05-22T12:13:25.362+0100 E QUERY    [js] Error: not authorized on admin to execute command { usersInfo: 1.0, lsid: { id: UUID("bbb18683-839f-4c7d-b453-f774cbc94efd") }, $db: "admin" } :
_getErrorWithCode@src/mongo/shell/utils.js:25:13
DB.prototype.getUsers@src/mongo/shell/db.js:1763:1
shellHelper.show@src/mongo/shell/utils.js:859:9
shellHelper@src/mongo/shell/utils.js:766:15
@(shellhelp2):1:1

I carried on, to create a user in the admin database, so that I could then create a user in my app's database to enable me to connect to the app's database:

db.createUser({user: "superAdmin",pwd: "admin123",roles: [ { role: "root", db: "admin" } ]})

Which was successfull:

Successfully added user: {
    "user" : "superAdmin",
    "roles" : [
        {
            "role" : "root",
            "db" : "admin"
        }
    ]
}

So I then re-loaded the mongod service and logged into the shell with the user I just made:

mongo --port 27017 -u "superAdmin" -p "admin123" --authenticationDatabase "admin"

I then switched to my app's db and made the user as follows:

use appDB
switched to db appDB
db.createUser({user: "DBuser",pwd: "DBpassword",roles: ["readWrite"]})
Successfully added user: { "user" : "DBuser", "roles" : [ "readWrite" ] }

ACCESSING THE DB WITH THE CREATED USER FROM THE APP ON SAME LINODE

Within my node.js app, which is on the same linode VPS I use the following connection URI:

'mongodb://DBuser:DBpassword@localhost:27017/appDB'

Now when I run the seeds file, whilst SSH'd into the VPS, to populate the database on the VPS I get an unauthorized error:

errmsg:
   'not authorized on appDB to execute command { dropDatabase: 1, lsid: { id: UUID("b2c1ffc7-1912-42e3-8f74-ab3726dff3f2") }, $db: "appDB" }',
  code: 13,
  codeName: 'Unauthorized',

This error even happens when I try to use my frontend app to create a new record in the database.

I cannot even access my database instance on VPS via Insomnia.

This was all working locally without (the user name and password) in the DB URL.

How do I set my MongoDB instance up correctly to accept connections?

Any help would be greatly appreciated!

PS - I followed this instructions to set up my Linode: https://www.codementor.io/@tomgeraghty/hosting-an-express-server-nodejs-application-with-linode-e1j7wt7mr

Solution

You gave your user readWrite role, but that role doesn't allow execution of command dropDatabase, only the dbAdmin role can do that. See the available built-in roles here: https://docs.mongodb.com/manual/reference/built-in-roles/

Ideally, you'd create yourself a custom role with all the necessary privileges required, and assign that role to your application's user. More info on user-defined roles here: https://docs.mongodb.com/manual/core/security-user-defined-roles/

Answered By - Zahiar

Answer Checked By - Candace Johnson (PHPFixing Volunteer)