EDIT: Was writing while you wrote :) My answer still stands :) Basic-Auth works like that and this possible extension for Nim would just do the same as you do right now.
Maintaining sessions for other authorization schemes would be something more special as those come in a multitude of formats from url based session IDs to one or more cookies. I guess that grab is recording cookies and send them back like a web browser does it. But this has nothing to do with basic-auth and would not change anything for your code imho.
