diff --git a/tests/storage/test_http.py b/tests/storage/test_http.py
index 87ab559..202bda2 100644
--- a/tests/storage/test_http.py
+++ b/tests/storage/test_http.py
@@ -1,4 +1,5 @@
 import pytest
+from aiohttp import BasicAuth
 from aioresponses import CallbackResult
 from aioresponses import aioresponses
 
@@ -88,8 +89,8 @@ def test_readonly_param(aio_connector):
 def test_prepare_auth():
     assert prepare_auth(None, "", "") is None
 
-    assert prepare_auth(None, "user", "pwd") == ("user", "pwd")
-    assert prepare_auth("basic", "user", "pwd") == ("user", "pwd")
+    assert prepare_auth(None, "user", "pwd") == BasicAuth("user", "pwd")
+    assert prepare_auth("basic", "user", "pwd") == BasicAuth("user", "pwd")
 
     with pytest.raises(ValueError) as excinfo:
         assert prepare_auth("basic", "", "pwd")
@@ -109,7 +110,8 @@ def test_prepare_auth_guess(monkeypatch):
     import requests_toolbelt.auth.guess
 
     assert isinstance(
-        prepare_auth("guess", "user", "pwd"), requests_toolbelt.auth.guess.GuessAuth
+        prepare_auth("guess", "user", "pwd"),
+        requests_toolbelt.auth.guess.GuessAuth,
     )
 
     monkeypatch.delattr(requests_toolbelt.auth.guess, "GuessAuth")
diff --git a/vdirsyncer/http.py b/vdirsyncer/http.py
index 979d7fc..4947291 100644
--- a/vdirsyncer/http.py
+++ b/vdirsyncer/http.py
@@ -36,7 +36,7 @@ del _detect_faulty_requests
 def prepare_auth(auth, username, password):
     if username and password:
         if auth == "basic" or auth is None:
-            return (username, password)
+            return aiohttp.BasicAuth(username, password)
         elif auth == "digest":
             from requests.auth import HTTPDigestAuth
 
@@ -59,8 +59,8 @@ def prepare_auth(auth, username, password):
             "You need to specify username and password "
             "for {} authentication.".format(auth)
         )
-    else:
-        return None
+
+    return None
 
 
 def prepare_verify(verify, verify_fingerprint):
@@ -126,8 +126,6 @@ async def request(
 
     session.hooks = {"response": _fix_redirects}
 
-    func = session.request
-
     # TODO: rewrite using
     # https://docs.aiohttp.org/en/stable/client_advanced.html#client-tracing
     logger.debug("=" * 20)
@@ -140,12 +138,7 @@ async def request(
 
     kwargs.pop("cert", None)  # TODO XXX FIXME!
 
-    auth = kwargs.pop("auth", None)
-    if auth:
-        kwargs["auth"] = aiohttp.BasicAuth(*auth)
-
-    r = func(method, url, ssl=ssl, **kwargs)
-    r = await r
+    r = await session.request(method, url, ssl=ssl, **kwargs)
 
     # See https://github.com/kennethreitz/requests/issues/2042
     content_type = r.headers.get("Content-Type", "")
diff --git a/vdirsyncer/storage/dav.py b/vdirsyncer/storage/dav.py
index 21588ad..363e0f9 100644
--- a/vdirsyncer/storage/dav.py
+++ b/vdirsyncer/storage/dav.py
@@ -385,8 +385,10 @@ class DAVSession:
     ):
         self._settings = {
             "cert": prepare_client_cert(auth_cert),
-            "auth": prepare_auth(auth, username, password),
         }
+        auth = prepare_auth(auth, username, password)
+        if auth:
+            self._settings["auth"] = auth
         self._settings.update(prepare_verify(verify, verify_fingerprint))
 
         self.useragent = useragent
diff --git a/vdirsyncer/storage/http.py b/vdirsyncer/storage/http.py
index 4e3fc79..dcbc002 100644
--- a/vdirsyncer/storage/http.py
+++ b/vdirsyncer/storage/http.py
@@ -35,14 +35,16 @@ class HttpStorage(Storage):
         *,
         connector,
         **kwargs
-    ):
+    ) -> None:
         super().__init__(**kwargs)
 
         self._settings = {
-            "auth": prepare_auth(auth, username, password),
             "cert": prepare_client_cert(auth_cert),
             "latin1_fallback": False,
         }
+        auth = prepare_auth(auth, username, password)
+        if auth:
+            self._settings["auth"] = auth
         self._settings.update(prepare_verify(verify, verify_fingerprint))
 
         self.username, self.password = username, password