Switch the active org for the current browser session

Sets the `artery_active_org` cookie to the supplied orgId so subsequent /v1/me/* + /keys + /v1/me/wallets calls resolve scopes against that org. Rejected with 404 when the caller isn't a member of the requested org (no enumeration).