We should send the Authorization header eagerly, rather than adding a round-trip for the 401 response. Also, we should only allow basic auth if HTTPS is enabled (to prevent sending the password in the clear).

Hi I added the support for basic authentication and submitted a pull request. Could you give it a review?

Link: #75