fix(curogram-mcp): login on authentication host with Dashboard source

The programmatic Login was POSTing to api-v2.curogram.com/graphql, which
has no `login` field and rejects the mutation with HTTP 400
GRAPHQL_VALIDATION_FAILED. The `login`/`setPassword`/`changePassword`
mutations live on authentication.curogram.com. Additionally the
`source: LoginPage!` enum's only member is the literal "Dashboard" (the
old "PROVIDER" value does not exist in the enum and is rejected with
BAD_USER_INPUT).

Point login at CUROGRAM_HOSTS.auth and pass source "Dashboard". Verified
against the live app bundle and a 200 login response. Data calls remain
on api-v2; session-cache, auto-relogin-on-401, MFA detection, and the CDP
cookie fallback are unchanged.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>