HOWTO: Fully automated Zwift login on Mac OS X

Thursday, December 3rd, 2015 at 10:43 pm | 10,380 views | trackback url

Zwift LogoQuite a few riders on the Facebook Zwift Riders group have expressed an interest in this, so I decided to take a couple of hours, learn AppleScript and knock this out. Done! (if you’re on Windows, you want this other HOWTO instead)

What this code does, is allows you to create a single icon that will log you into Zwift, with no human interaction needed. It will put in your email, password, click the “Start Ride” button and away you go!

This also leverages the OS X Keychain to store your Zwift email address and password, so it’s secure, not leaked into the filesystem and is able to be called on by any other apps that might need it (ahem, like… Zwift itself!) :D

So here’s how to get it working…

First, we need to create a separate keychain to store the Zwift credentials. You could store them in the main keychain, but I’m a fan of credential separation, so let’s use that.

Launch Keychain Access on your Mac (cmd + spacebar, type in “Keychain”).
Mac OS X Keychain Access

You’ll see a number of keychains listed there in the upper-left of Keychain Access. We’re going to create a new one, so go to File -> New Keychain and call it whatever you want.

I called mine “Zwift” so I can remember it when I see it on the filesystem or in the app later. It should default to save in ~/Library/Keychains/. Don’t change this path for now.

When you click “Create”, you’ll be prompted for a password to secure that keychain. Make it something relatively strong if you want to protect your credentials. If you don’t care, make it weak. Click on “Ok” and it will be created and saved.

Creating the Zwift keychain

Now right-click on the new keychain you just created in the list and select “Change Settings for Keychain Zwift”. We’re going to adjust the timeout when you have to re-enter your password to unlock this keychain.

Changing Zwift keychain settings

If you want a fully automated login, where you never have to enter a password or interact with this at all, uncheck both boxes, so it doesn’t lock after inactivity or when your computer goes to sleep.

If you prefer a bit more control/security, change the settings as you see fit.

Mine looks like this:

Zwift keychain timeout settings

Click on “Save” to save those settings.

Next, we need to add an account to the keychain. This will be your Zwift account, the same one you use to log into Zwift itself in the app and on the website. Click the little [+] at the bottom of the Keychain Access window to create a new entry. Here’s what it should look like when you’ve got it filled out correctly:

Creating a new Zwift keychain entry

Click on “Add” to add this entry to the keychain. Now you’ll see one entry in your list.

Zwift keychain user login entry

If you right-click on the entry, you can add some more details to it, but you don’t need to. I left it at the defaults.

Zwift keychain account additional details

Now let’s test that it locks and unlocks properly. Right-click on the keychain in the list on the left side and choose “Lock Keychain Zwift” (do not accidentally choose “Make Keychain Zwift Default”, or you’ll have a bad time)

Locking the Zwift keychain

Once locked, you’ll see the litte padlock icon next to it show “closed”. Right-click again and select “Unlock Keychain Zwift”, put in your password and see that it cleanly unlocks and that the padlock shows “open” next to the name:

Unlocking the Zwift keychain

That’s just about the hardest part of this process. Now on to the code!

I’ve never written a single byte of AppleScript until today, so I decided to give it a shot, learn the language, tried a few early attempts at this storing passwords in the code, then in files I’d read from disk, then encrypted files I’d decrypt, but that was messy. Why reinvent the wheel when OS X already has an encrypted keystore I can use? So I did.

Launch “Automator” (cmd + spacebar) and when prompted, select “Application” and click “Choose” to create one.
Mac OS X Automator
Mac OS X Automator Start screen

You’ll see a blank screen on the right and some macros and variables on the left. Don’t be scared, this is going to be EASY!

In the search dialog in the upper-left area, start typing “AppleScript”. You should see the list of items shorten to only one, as shown here:

Automator with AppleScript

Click that one entry and drag it to the empty canvas area on the right side of the Automator screen. When you let go, you’ll see something that looks like this on the right:

AppleScript starting point

Put your cursor in that window, select all of that default boilerplate and delete it, we’re going to start with a blank script here.

Blank AppleScript script

I’ve already written the code for you, so all you need to do here is cut and paste it into this window. Here’s the code (also available as a downloadable file by clicking this link)

on run {input, parameters}
  set userName to long user name of (system info)                 # User's full name
  set userHome to (system attribute "HOME")                       # User's home directory
  set secBin to "/usr/bin/security"                               # Full path to 'security' binary
  set kcName to "\"Zwift Login\""                                 # Keychain Name
  set kcPath to userHome & "/Library/Keychains/Zwift.keychain"    # Path to where the Zwift keychain lives
  set mySedMess to "sed 's/.*\"acct\"<blob>=\"\\(.*\\)\"/\\1/'"   # A horrible mess of sed. Nuff sed.
  
  # This is ugly, but it's the only way I could find to pull the account name from the Keychain.
  # Don't forget all of those escaping backslashes! (LTS - Leaning Toothpick Syndrome)  
  set zUser to do shell script (secBin & " " & "find-generic-password 2>&1 /dev/null -gs " & kcName & " " & kcPath & " | grep acct | " & mySedMess)
 
  set zPass to do shell script (secBin & " " & "find-generic-password -wa " & zUser & " -gs " & kcName & " " & kcPath)
  
  activate application "Zwift"

  tell application "System Events"
    delay 3                                              # Wait for the login dialog to show up
    set frontmost of process "Zwift" to true             # Force Zwift process to the front
    keystroke tab                                        # Put the cursor into the Email field
    keystroke zUser                                      # Send the username (from above)
    keystroke tab                                        # Jump to the Password field
    keystroke zPass                                      # Send the password
    keystroke return                                     # Press Enter to start the fun!
    
  end tell
  return input
end run

Cut and paste that into the script window (or use the direct link to the file).

At the very top of the file are a couple of minor tunables. Make sure those match what your system and environment are set up with. If you chose a different name for your keychain file for example, you’ll need to change that here. Likewise with the name of the account’s title within that keychain; change that here as well. If you called it “Zwift” and used “Zwift Login” as I did, you don’t need to change anything.

Also, there are some delays built into the script (search for the word ‘delay’). If your system is a bit slower, you may need to increase that delay by a few seconds.

cmd + S to save the script, which should prompt you for a name. I called this one “AutoZwift”, but you can call it whatever you like. This will become its own standalone .app file you can launch from anywhere by double-clicking on it, so feel free to put it wherever you want.

We’re not quite done! Before you close Automator, let’s make sure it works as expected. Click the little “Run” button on the far, upper-right corner of the Automator GUI to test the script. If you got everything correct, you should get no warnings, errors or popup dialog boxes.

Automator Run button

One last thing: Because you’re asking Automator to read events and pass keyboard events into windows owned by other processes, you need to grant Automator the permission and access to do so. To do that, go into your System Preferences -> Security & Privacy and make sure you enable (check the box) Automator to do so:

OS X Security & Privacy

OS X Automator Permissions

Now you should have a fully-automated Zwift login icon with credentials secured by your OS’ built-in encrypted keystore.

Good luck and #RideOn!

(p.s. For those run Zwift on Microsoft Windows, I’ve written a detailed HOWTO for you too! Stay tuned for more great HOWTOs for Zwift!)

Last Modified: Wednesday, September 12th, 2018 @ 14:59

Leave a Reply

You must be logged in to post a comment.

Bad Behavior has blocked 2551 access attempts in the last 7 days.