Fix auth errors, CORS, control center login, and stale session handling

- Mitra auth: parse DioException response for proper error messages
  (ACCOUNT_NOT_FOUND, ACCOUNT_INACTIVE) instead of generic "OTP invalid"
- Backend: add CORS to internal app (port 3001) for control center
- Control center: fix login race condition (wait for AuthContext verify
  before navigating), fix MitraActivityPage fetching paginated data
- Stale session goodbye: both apps detect SESSION_NOT_ACTIVE/409 and
  move to complete state instead of retrying endlessly

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

control_center/src/pages/login/LoginPage.jsx

@@ -1,25 +1,27 @@
-import { useState } from 'react'
+import { useState, useEffect } from 'react'
 import { useNavigate } from 'react-router-dom'
 import { useAuth } from '../../core/auth/AuthContext'
 
 export default function LoginPage() {
-  const { login } = useAuth()
+  const { user, loading: authLoading, login } = useAuth()
   const navigate = useNavigate()
   const [email, setEmail] = useState('')
   const [password, setPassword] = useState('')
   const [error, setError] = useState('')
   const [loading, setLoading] = useState(false)
 
+  useEffect(() => {
+    if (user) navigate('/', { replace: true })
+  }, [user, navigate])
+
   const handleSubmit = async (e) => {
     e.preventDefault()
     setError('')
     setLoading(true)
     try {
       await login(email, password)
-      navigate('/')
     } catch {
       setError('Email atau password salah.')
-    } finally {
       setLoading(false)
     }
   }

control_center/src/pages/mitra-activity/MitraActivityPage.jsx

@@ -23,8 +23,8 @@ const fetchLog = async ({ mitra_id, date_from, date_to, page, limit }) => {
 }
 
 const fetchMitras = async () => {
-  const res = await apiClient.get('/internal/mitras')
-  return res.data.data
+  const res = await apiClient.get('/internal/mitras?limit=100')
+  return res.data.data.items
 }
 
 const responseColor = (response) => {