Skip to content
Switch branches/tags

Latest commit


Git stats


Failed to load latest commit information.
Latest commit message
Commit time

Comimoc Back

Comimoc Back is the back-end part of the Comimoc project.

It is a light backend that provide a RESTful API to handle comments and a UI for easy administration.

It uses MongoDB to store data and it is built with Flask + powerful extensions:


  • Store simple comments for pages for as much as website you want
  • Provide a simple admin GUI on which you can handle your comments
  • Support multiple administrator

How to...

install it?

You need MongoDB and python 2.7. Then just pip install comimoc or get the source on

Example in a virtual env:

$ virtualenv ~/virtualenvs/comimoc
$ cd ~/virtualenvs/comimoc
$ . bin/activate
(comimoc)$ pip install comimoc

run it?

The Flask application is available through comimoc.create_app(options) which will return you a Flask app you could use with every WSGI capable server. So all you have to do is to give it your settings and get back the app to expose it.

Example with gunicorn:

Still in our virtual env, install gunicorn and create a simple application creator.

(comimoc)$ pip install gunicorn
(comimoc)$ touch

Paste this down in it

from comimoc import create_app

options = {
    "SECRET_KEY": "Your secret key goes here",
        "DB": "comimoc",
flask_app = create_app(options)

And run gunicorn

(comimoc)$ gunicorn mycomimoc:flask_app
2013-09-08 21:15:15 [24925] [INFO] Starting gunicorn 18.0
2013-09-08 21:15:15 [24925] [INFO] Listening at: (24925)
2013-09-08 21:15:15 [24925] [INFO] Using worker: sync
2013-09-08 21:15:15 [24930] [INFO] Booting worker with pid: 24930

Et voilà, your comimoc back-end is running. Of course gunicorn can take many options and you might want to run a server in front like Apacha or Nginx. More information about how deploying a Flask app

About the SECRET_KEY

Do not forget to provide your own. The application just won't work without it. It needs it for CSRF and cookie protection. You can easily create one with python:

>>> import os
>>> os.urandom(24)

set it?

The options you have to give when creating the application can contain all Flask and Flask-MongoEngine settings in addition to the Comimoc settings.

  • USE_CORS: Boolean. Use cross origin resource sharing by adding HTTP Headers depending on the CORS_* settings below. This allow you to have the front-end and the back-end on different domains. Very useful for multiple front and one back-end. default: True.
  • CORS_ALLOW_ORIGIN_WHITELIST: List of string. List of your front-end URL if you set USE_CORS on True. Do not forget the scheme (http://, https://). Tips: you may need to add the root domain and the www subdomain if your site is available on both. default: () (empty).
  • CORS_ALLOW_CREDENTIALS: Boolean. Allow credentials. Mandatory if you want the browser to send cookie in CORS with preflight requests. Comimoc does not need it for now. default: True.
  • CORS_ALLOW_METHODS: String. Specifies the method or methods allowed when accessing the resource. It will be surprising if you have to change this one. default: 'GET, POST, PUT, DELETE, OPTIONS'.
  • CORS_ALLOW_HEADERS: String. Used in response to a preflight request to indicate which HTTP headers can be used when making the actual request. Default value works fine with Comimoc Front, but you may adapt it to your situation especially if you are using custom HTTP headers. default: 'content-type, accept, origin'.
  • ADMIN_EMAILS: List of string. By default only the first user registered is automatically an administrator. Others are just registered but have no access. If you fear for your app security or do not want to check by hand all the users that should automatically be admin add here a list of admin emails. default: () (empty).
  • CORS_MAX_AGE: Integer. This indicates how long the results of a preflight request can be cached in seconds. default: 1728000 (20 days).

So the minimal settings you have to set are the SECRET_KEY and the MONGODB_SETTINGS if Comimoc back and front are accessible from the same domain. Add CORS_ALLOW_ORIGIN_WHITELIST if they are not.

use it?

For getting and posting comments, best is to use it with Comimoc Front which is an AngularJS application easily customisable. You can see it in action in my own blog.

The admin GUI is available at /admin and should ask to register a user the first time you go on it. The first user registered will be an admin by default, unless you set a list of allowed administrators email, in this case, only matching user will be set as administrator.

develop my own front-end

The API is very simple for now:

  • GET /comments?website=''&page='' should return all comments matching the page for the website id given.
    comments: [...]
  • POST /comments should return the saved comment.
  "id": "522cba7897b60e713cd1bae5",
  "page": "/cool_story_bro.html",
  "website": "",
  "author_email": "d10ca8d11301c2f4993ac2279ce4b930", // md5 gravatar suitable email
  "author_name": "Jérôme Steunou",                    // author name
  "author_website": null,                             // author website (not mandatory)
  "content": "Indeed.",                               // the comment itself
  "when": "Sun, 08 Sep 2013 17:57:12 GMT"             // datetime in RFC 822 see

Why Comimoc?

Comimoc stands for COMments In My Own Cloud. As I create my blog with Pelican to keep the control on my content and also having a very simple system with tools I know very well (Python and Github) I wanted the same for my comments. But I did not find it. A lot of people goes for Disqus but I think it is giving to much data and control. So I create Comimoc which is very simple, light and can be run on your own server or at Heroku or at Red Had Cloud OpenShift, etc. And for nothing! For a simple blog, running Comimoc on PaaS services cost nothing and you can backup your comments everyday.

So that's it, I wrote it and I am sharing it so everyone can use it and keep control on their own data.

Source code

You can access the source code at:

Feel free to dive in, hack in, contribute or ask features (You can ask, I might not add it).


Comimoc Back-end for Comimoc project




No releases published


No packages published