Handle an authentication request by getting a user/password pair, and
re-trying the request. authreq should be the name of the header
where the information about the realm is included in the request,
host specifies the URL and path to authenticate for, req
should be the (failed) Request object, and headers
should be the error headers.
host is either an authority (e.g. "python.org") or a URL
containing an authority component (e.g. "http://python.org/").
In either case, the authority must not contain a userinfo component
(so, "python.org" and "python.org:80" are fine,
"joe:firstname.lastname@example.org" is not).