By default, MongoDB allows access to the database without authentication. Adding a user with a username/password is easy, but authenticating might be a bit tricky since the official documentation does not say the command directly.

First, we add an admin account. Navigate to the MongoDB directory on your machine then start the database.

$ ./mongo
> use admin
> db.addUser(adminuser, adminpassword)

Switch to the database of your choice and add users to it.

> use foo
> db.addUser(myuser, userpassword)

This adds a user myuser that has read and write access to the database. If we want a user with read-only access, set the third parameter for addUser().

> db.addUser(guest, guestpassword, true)

You can check for users with access to a particular database like thus:

> db.system.users.find().pretty()
{
        "_id" : ObjectId("4ee9863d954eb7168e07089d"),
        "user" : "zarah",
        "readOnly" : false,
        "pwd" : "70581bfb1e32e2286df11fe119addc7a"
}
{
        "_id" : ObjectId("4ee98658954eb7168e07089e"),
        "user" : "guest",
        "readOnly" : true,
        "pwd" : "88558f1ece63fa0b528012b9840bd9de"
}

Now stop the MongoDB server and restart it with authentication enabled.

$ ./mongod --auth
> mongo foo -u myuser -p userpassword<

where foo is the database that myuser has access to. You can now read and write into database foo. Notice however that querying for databases would result to an error:

> show dbs
Mon Dec 19 17:21:20 uncaught exception: listDatabases failed:{ "errmsg" : "need to login", "ok" : 0 }

Exit MongoDB and login again, this time using the read-only account. If we try inserting a document, an error should appear:

> db.foo.insert({"title","MongoDB Authentication Test"})
unauthorized

The read-only account can query for collections and use find() and its variations. It can’t, however, query for databases.