@conversionpros/aiva 1.0.0

package/docs/xai-voice-tools-scope.md

@@ -0,0 +1,165 @@
+# xAI Voice Agent — Tool Calling Integration
+
+## Goal
+Add custom function tools to the Ara voice call so Grok can create tasks, manage documents, check calendar, and send messages during live conversation.
+
+## How xAI Tool Calling Works
+In `session.update`, add a `tools` array with function definitions. When Grok decides to call a function, the server receives a `response.function_call_arguments.done` event with:
+- `name` — function name
+- `call_id` — unique ID to match the response
+- `arguments` — JSON string of arguments
+
+Server executes the function, then sends back:
+1. `conversation.item.create` with `type: "function_call_output"`, `call_id`, and `output` (JSON string)
+2. `response.create` to let Grok continue speaking with the result
+
+## Tools to Implement
+
+### 1. `create_task` — Create a task on the AIVA board
+```json
+{
+  "type": "function",
+  "name": "create_task",
+  "description": "Create a new task on the AIVA task board. Use this when Brandon asks you to add a task, create a to-do, or remember to do something.",
+  "parameters": {
+    "type": "object",
+    "properties": {
+      "title": { "type": "string", "description": "Task title" },
+      "description": { "type": "string", "description": "Task description or details" },
+      "priority": { "type": "string", "enum": ["low", "normal", "high"], "description": "Task priority" },
+      "assignee": { "type": "string", "description": "Who to assign to (default: aiva)" }
+    },
+    "required": ["title"]
+  }
+}
+```
+**Implementation:** `POST http://localhost:3847/api/tasks` with `x-aiva-internal: true` header
+Body: `{ "title": ..., "description": ..., "priority": ..., "assignee": ..., "status": "todo", "requestedFor": "brandon" }`
+
+### 2. `list_tasks` — List current tasks
+```json
+{
+  "type": "function",
+  "name": "list_tasks",
+  "description": "List tasks on the AIVA task board. Use when Brandon asks what's on the board, what tasks are pending, or what's in progress.",
+  "parameters": {
+    "type": "object",
+    "properties": {
+      "status": { "type": "string", "enum": ["todo", "in-progress", "needs-review", "done", "all"], "description": "Filter by status" }
+    }
+  }
+}
+```
+**Implementation:** `GET http://localhost:3847/api/tasks` with `x-aiva-internal: true`, filter by status if provided. Return summary (title + status + assignee for each).
+
+### 3. `update_task` — Update a task
+```json
+{
+  "type": "function",
+  "name": "update_task",
+  "description": "Update an existing task (change status, add notes, reassign). Use when Brandon says to move a task, mark something done, or add details to a task.",
+  "parameters": {
+    "type": "object",
+    "properties": {
+      "task_title": { "type": "string", "description": "Title or partial title to find the task" },
+      "status": { "type": "string", "enum": ["todo", "in-progress", "needs-review", "done"] },
+      "notes": { "type": "string", "description": "Note to add to the task" },
+      "assignee": { "type": "string", "description": "Reassign to someone" }
+    },
+    "required": ["task_title"]
+  }
+}
+```
+**Implementation:** `GET /api/tasks` → find by title match → `PUT /api/tasks/:id` with updates
+
+### 4. `check_calendar` — Check calendar events
+```json
+{
+  "type": "function",
+  "name": "check_calendar",
+  "description": "Check Brandon's calendar for today or upcoming events. Use when he asks about his schedule, meetings, or what's coming up.",
+  "parameters": {
+    "type": "object",
+    "properties": {
+      "timeframe": { "type": "string", "enum": ["today", "tomorrow", "this_week"], "description": "Time range to check" }
+    }
+  }
+}
+```
+**Implementation:** Run `gog cal today` or `gog cal tomorrow` via child_process.exec and return output.
+
+### 5. `send_message` — Send a message in AIVA app chat
+```json
+{
+  "type": "function",
+  "name": "send_message",
+  "description": "Send a text message in the AIVA app chat. Use when Brandon asks you to write something down, send a note, or post a message.",
+  "parameters": {
+    "type": "object",
+    "properties": {
+      "message": { "type": "string", "description": "The message to send" }
+    },
+    "required": ["message"]
+  }
+}
+```
+**Implementation:** `POST http://localhost:3847/api/chat/aiva-reply` with `userId: "brandon"`, `text: message`, `x-aiva-internal: true`
+
+### 6. `search_documents` — Search workspace files
+```json
+{
+  "type": "function",
+  "name": "search_documents",
+  "description": "Search through AIVA's workspace documents and memory files. Use when Brandon asks about past conversations, notes, or stored information.",
+  "parameters": {
+    "type": "object",
+    "properties": {
+      "query": { "type": "string", "description": "Search query" }
+    },
+    "required": ["query"]
+  }
+}
+```
+**Implementation:** Run `grep -r -i -l "<query>" ~/.openclaw/workspace/memory/ ~/.openclaw/workspace/MEMORY.md` then read matching files and return relevant excerpts.
+
+## Server Changes (`voice-call.js`)
+
+### 1. Add tools to session.update
+In the `session.update` message sent to xAI, add the `tools` array with all function definitions above.
+
+### 2. Handle function calls
+In the WebSocket message handler, add a case for `response.function_call_arguments.done`:
+```javascript
+case 'response.function_call_arguments.done':
+  const { name, call_id, arguments: argsStr } = msg;
+  const args = JSON.parse(argsStr);
+  const result = await executeTool(name, args);
+  
+  // Send result back
+  xaiWs.send(JSON.stringify({
+    type: 'conversation.item.create',
+    item: {
+      type: 'function_call_output',
+      call_id: call_id,
+      output: JSON.stringify(result)
+    }
+  }));
+  
+  // Let Grok continue
+  xaiWs.send(JSON.stringify({ type: 'response.create' }));
+  break;
+```
+
+### 3. Implement `executeTool(name, args)` function
+Switch on tool name, execute the appropriate API call, return result object.
+
+## DO NOT TOUCH
+- Microphone icon / voice-to-text
+- Any other app features
+- The audio streaming / playback code (already working)
+
+## Files to Modify
+- `voice-call.js` — Add tools to session config + handle function calls
+
+## After changes
+`pm2 restart aiva-app`

package/email-router.js

@@ -0,0 +1,512 @@
+// ── Email Router Module ──────────────────────────────────
+// Event-driven email routing with rules engine, AI triage, and draft generation
+const path = require('path');
+const fs = require('fs');
+const { db, stmts } = require('./router-db');
+
+// ── Config ──────────────────────────────────────────────
+const POLL_INTERVAL_MS = 5 * 60 * 1000; // 5 minutes
+const ACCOUNTS = ['burgan.brandon@gmail.com', 'brandon@conversionmarketingpros.com'];
+const API_BASE = 'http://localhost:3847/api/integrations/google/emails';
+const ACCOUNT_MAP = {
+  'burgan.brandon@gmail.com': 'bee69b18-3847-4a6f-a518-ada17d0a18c0',
+  'brandon@conversionmarketingpros.com': 'ebf27762-3847-4a6f-a518-ada17d0a18c0',
+};
+const WORKSPACE = process.env.OPENCLAW_WORKSPACE || path.join(process.env.HOME, '.openclaw', 'workspace');
+const CONFIG_PATH = path.join(process.env.HOME, '.openclaw', 'openclaw.json');
+
+let pollTimer = null;
+let isPolling = false;
+
+function emailLog(msg, data) {
+  const ts = new Date().toISOString();
+  if (data) console.log(`[${ts}] [EMAIL-ROUTER] ${msg}`, JSON.stringify(data));
+  else console.log(`[${ts}] [EMAIL-ROUTER] ${msg}`);
+}
+
+function getOpenClawPassword() {
+  try {
+    const config = JSON.parse(fs.readFileSync(CONFIG_PATH, 'utf-8'));
+    return config?.gateway?.auth?.password || '';
+  } catch { return ''; }
+}
+
+function loadPersonalityFiles() {
+  const files = ['SOUL.md', 'USER.md'];
+  const parts = [];
+  for (const f of files) {
+    try {
+      const content = fs.readFileSync(path.join(WORKSPACE, f), 'utf-8');
+      parts.push(`[${f}]\n${content}`);
+    } catch { /* skip missing */ }
+  }
+  const sensitivePatterns = [
+    /api[_-]?key/i, /password/i, /token/i, /secret/i, /openclaw/i,
+    /localhost/i, /127\.0\.0\.1/i, /\.openclaw\//i, /curl\s/i,
+    /sk-ant-/i, /sk-or-/i, /ghp_/i, /xai-/i, /r8_/i,
+    /supabase/i, /cloudflare/i, /twilio/i, /replicate/i,
+  ];
+  for (let i = 0; i < parts.length; i++) {
+    const lines = parts[i].split('\n');
+    parts[i] = lines.filter(line => !sensitivePatterns.some(p => p.test(line))).join('\n');
+  }
+  return parts.join('\n\n---\n\n');
+}
+
+async function callClaude(model, systemPrompt, messages, maxTokens = 1024) {
+  const password = getOpenClawPassword();
+  if (!password) { emailLog('No OpenClaw password found'); return null; }
+  const allMessages = [{ role: 'system', content: systemPrompt }, ...messages];
+  try {
+    const resp = await fetch('http://127.0.0.1:18789/v1/chat/completions', {
+      method: 'POST',
+      headers: { 'Content-Type': 'application/json', 'Authorization': `Bearer ${password}` },
+      body: JSON.stringify({ model, max_tokens: maxTokens, messages: allMessages }),
+      signal: AbortSignal.timeout(60000),
+    });
+    if (!resp.ok) {
+      const errText = await resp.text();
+      emailLog('Claude API error', { status: resp.status, body: errText.substring(0, 200) });
+      return null;
+    }
+    const json = await resp.json();
+    return json.choices?.[0]?.message?.content?.trim() || null;
+  } catch (err) {
+    emailLog('Claude API call failed', { error: err.message });
+    return null;
+  }
+}
+
+// ── Gmail Integration ───────────────────────────────────
+
+async function fetchUnreadEmails(account) {
+  try {
+    const accountId = ACCOUNT_MAP[account];
+    const url = `${API_BASE}?q=is:unread&accountId=${accountId}`;
+    const resp = await fetch(url, { signal: AbortSignal.timeout(30000) });
+    if (!resp.ok) {
+      emailLog('Failed to fetch unread emails', { account, status: resp.status });
+      return [];
+    }
+    const data = await resp.json();
+    // API returns array of emails directly; wrap as thread-like objects with id
+    return (data.emails || data || []).map(e => ({ id: e.id || e.threadId, ...e }));
+  } catch (err) {
+    emailLog('Failed to fetch unread emails', { account, error: err.message });
+    return [];
+  }
+}
+
+async function fetchEmailThread(threadId, account) {
+  try {
+    const accountId = ACCOUNT_MAP[account];
+    const url = `${API_BASE}/${threadId}?accountId=${accountId}`;
+    const resp = await fetch(url, { signal: AbortSignal.timeout(15000) });
+    if (!resp.ok) {
+      emailLog('Failed to read email', { threadId, account, status: resp.status });
+      return null;
+    }
+    const data = await resp.json();
+    // The internal API returns a structured email object
+    return {
+      id: data.id,
+      threadId: data.threadId || threadId,
+      from: data.from || '',
+      to: data.to || '',
+      subject: data.subject || '',
+      date: data.date || '',
+      bodyText: data.bodyText || data.body || data.snippet || '',
+      bodyHtml: data.bodyHtml || '',
+      labels: data.labels || data.labelIds || [],
+    };
+  } catch (err) {
+    emailLog('Failed to read email thread', { threadId, account, error: err.message });
+    return null;
+  }
+}
+
+function parseFromHeader(fromStr) {
+  // "Name <email@example.com>" or "email@example.com"
+  const match = fromStr.match(/^(.+?)\s*<(.+?)>$/);
+  if (match) return { name: match[1].replace(/^"|"$/g, '').trim(), email: match[2].trim().toLowerCase() };
+  return { name: '', email: fromStr.trim().toLowerCase() };
+}
+
+async function archiveEmail(gmailId, account) {
+  try {
+    const accountId = ACCOUNT_MAP[account];
+    const resp = await fetch(`${API_BASE}/${gmailId}/labels`, {
+      method: 'POST',
+      headers: { 'Content-Type': 'application/json' },
+      body: JSON.stringify({ removeLabelIds: ['INBOX'], accountId }),
+      signal: AbortSignal.timeout(10000),
+    });
+    if (!resp.ok) {
+      emailLog('Failed to archive email', { gmailId, status: resp.status });
+      return;
+    }
+    emailLog('Archived email', { gmailId, account });
+  } catch (err) {
+    emailLog('Failed to archive email', { gmailId, error: err.message });
+  }
+}
+
+// ── Rules Engine ────────────────────────────────────────
+
+function findRule(senderEmail) {
+  // Check exact email match first
+  let rule = stmts.getEmailRuleByEmail.get(senderEmail.toLowerCase());
+  if (rule) return rule;
+
+  // Check domain match
+  const domain = '@' + senderEmail.split('@')[1];
+  rule = stmts.getEmailRuleByDomain.get(domain);
+  return rule || null;
+}
+
+// ── Email Processing Pipeline ───────────────────────────
+
+async function processEmail(emailData, account) {
+  const { name: fromName, email: fromEmail } = parseFromHeader(emailData.from);
+  const gmailId = emailData.id;
+
+  // Already processed?
+  const existing = stmts.getEmailProcessed.get(gmailId);
+  if (existing) return;
+
+  const rule = findRule(fromEmail);
+  const action = rule?.action || 'surface';
+
+  emailLog('Processing email', { gmailId, from: fromEmail, action, subject: emailData.subject?.substring(0, 60) });
+
+  switch (action) {
+    case 'auto-archive':
+      await archiveEmail(gmailId, account);
+      stmts.insertEmailProcessed.run(gmailId, account, 'auto-archived');
+      break;
+
+    case 'auto-unsubscribe':
+      await archiveEmail(gmailId, account);
+      stmts.insertEmailProcessed.run(gmailId, account, 'auto-unsubscribed');
+      break;
+
+    case 'auto-respond':
+      await handleAutoRespond(emailData, account, fromEmail, fromName, rule);
+      break;
+
+    case 'ai-draft':
+      await handleAiDraft(emailData, account, fromEmail, fromName, rule);
+      break;
+
+    case 'special-attention':
+      await handleSpecialAttention(emailData, account, fromEmail, fromName, rule);
+      break;
+
+    case 'surface':
+    default:
+      await surfaceEmail(emailData, account, fromEmail, fromName, rule);
+      break;
+  }
+}
+
+async function surfaceEmail(emailData, account, fromEmail, fromName, rule) {
+  stmts.insertEmailDraft.run(
+    emailData.id, account, fromEmail, fromName,
+    emailData.to || account, emailData.subject || '',
+    emailData.bodyText || '', emailData.bodyHtml || '',
+    null, 'pending', 'surfaced', rule?.id || null
+  );
+  stmts.insertEmailProcessed.run(emailData.id, account, 'surfaced');
+  await archiveEmail(emailData.id, account);
+}
+
+async function handleAutoRespond(emailData, account, fromEmail, fromName, rule) {
+  const template = rule.auto_respond_template || '';
+  let responseBody = template;
+
+  if (!template) {
+    // Generate AI response
+    const personality = loadPersonalityFiles();
+    const prompt = `You are drafting an email reply. ${rule.instructions || ''}
+
+Original email from ${fromName} <${fromEmail}>:
+Subject: ${emailData.subject}
+Body: ${(emailData.bodyText || '').substring(0, 3000)}
+
+Write a concise, professional reply. Output ONLY the email body text, no subject line or headers.`;
+
+    responseBody = await callClaude('claude-sonnet-4-20250514', personality, [{ role: 'user', content: prompt }]);
+    if (!responseBody) {
+      emailLog('AI response failed, surfacing instead', { gmailId: emailData.id });
+      await surfaceEmail(emailData, account, fromEmail, fromName, rule);
+      return;
+    }
+  }
+
+  // Send the response
+  try {
+    const accountId = ACCOUNT_MAP[account];
+    const sendResp = await fetch(`${API_BASE}/send`, {
+      method: 'POST',
+      headers: { 'Content-Type': 'application/json' },
+      body: JSON.stringify({
+        to: fromEmail,
+        subject: `Re: ${emailData.subject || ''}`,
+        body: responseBody,
+        accountId,
+      }),
+      signal: AbortSignal.timeout(15000),
+    });
+    if (!sendResp.ok) throw new Error(`HTTP ${sendResp.status}: ${await sendResp.text()}`);
+
+    stmts.insertEmailDraft.run(
+      emailData.id, account, fromEmail, fromName,
+      fromEmail, emailData.subject || '',
+      emailData.bodyText || '', emailData.bodyHtml || '',
+      responseBody, 'sent', 'auto-responded', rule?.id || null
+    );
+    stmts.insertEmailProcessed.run(emailData.id, account, 'auto-responded');
+    await archiveEmail(emailData.id, account);
+    emailLog('Auto-responded', { gmailId: emailData.id, to: fromEmail });
+  } catch (err) {
+    emailLog('Auto-respond send failed', { error: err.message });
+    await surfaceEmail(emailData, account, fromEmail, fromName, rule);
+  }
+}
+
+async function handleAiDraft(emailData, account, fromEmail, fromName, rule) {
+  const personality = loadPersonalityFiles();
+  const prompt = `You are drafting an email reply on behalf of Brandon. ${rule?.instructions || ''}
+
+Original email from ${fromName} <${fromEmail}>:
+Subject: ${emailData.subject}
+Body: ${(emailData.bodyText || '').substring(0, 3000)}
+
+Write a concise, natural reply as Brandon would write it. Output ONLY the email body text, no subject line or headers.`;
+
+  const draft = await callClaude('claude-sonnet-4-20250514', personality, [{ role: 'user', content: prompt }]);
+
+  stmts.insertEmailDraft.run(
+    emailData.id, account, fromEmail, fromName,
+    fromEmail, emailData.subject || '',
+    emailData.bodyText || '', emailData.bodyHtml || '',
+    draft || '', 'pending', 'ai-drafted', rule?.id || null
+  );
+  stmts.insertEmailProcessed.run(emailData.id, account, 'ai-drafted');
+  await archiveEmail(emailData.id, account);
+  emailLog('AI draft created', { gmailId: emailData.id, hasDraft: !!draft });
+}
+
+async function handleSpecialAttention(emailData, account, fromEmail, fromName, rule) {
+  const triagePrompt = `You are an email triage assistant. Evaluate this email and decide what to do.
+
+${rule?.instructions ? `Custom instructions: ${rule.instructions}\n` : ''}
+From: ${fromName} <${fromEmail}>
+Subject: ${emailData.subject}
+Body: ${(emailData.bodyText || '').substring(0, 2000)}
+
+Respond with EXACTLY one word: archive, surface, or escalate
+- archive = not important, auto-archive
+- surface = show to user for manual handling
+- escalate = important, generate an AI draft response`;
+
+  const decision = await callClaude('claude-haiku-3-5', 'You are a concise email triage bot. Respond with exactly one word.', [{ role: 'user', content: triagePrompt }]);
+  const action = (decision || 'surface').toLowerCase().trim();
+
+  emailLog('Haiku triage decision', { gmailId: emailData.id, decision: action });
+
+  if (action === 'archive') {
+    await archiveEmail(emailData.id, account);
+    stmts.insertEmailProcessed.run(emailData.id, account, 'haiku-archived');
+  } else if (action === 'escalate') {
+    await handleAiDraft(emailData, account, fromEmail, fromName, rule);
+  } else {
+    await surfaceEmail(emailData, account, fromEmail, fromName, rule);
+  }
+}
+
+// ── Poll Cycle ──────────────────────────────────────────
+
+async function pollAllAccounts() {
+  if (isPolling) {
+    emailLog('Poll already in progress, skipping');
+    return { skipped: true };
+  }
+  isPolling = true;
+  const results = {};
+
+  try {
+    for (const account of ACCOUNTS) {
+      emailLog('Polling account', { account });
+      const threads = await fetchUnreadEmails(account);
+      let processed = 0;
+
+      for (const thread of threads) {
+        try {
+          const emailData = await fetchEmailThread(thread.id, account);
+          if (emailData) {
+            await processEmail(emailData, account);
+            processed++;
+          }
+        } catch (err) {
+          emailLog('Error processing thread', { threadId: thread.id, error: err.message });
+        }
+      }
+
+      results[account] = { total: threads.length, processed };
+      emailLog('Account poll complete', { account, total: threads.length, processed });
+    }
+  } catch (err) {
+    emailLog('Poll cycle error', { error: err.message });
+  } finally {
+    isPolling = false;
+  }
+
+  return results;
+}
+
+// ── API Route Mounting ──────────────────────────────────
+
+function mountEmailRoutes(app, authMiddleware) {
+  // List email drafts with filters
+  app.get('/api/emails', authMiddleware, (req, res) => {
+    const status = req.query.status;
+    const limit = parseInt(req.query.limit) || 100;
+    let drafts;
+    if (status) {
+      drafts = stmts.getEmailDraftsByStatus.all(status, limit);
+    } else {
+      drafts = stmts.getAllEmailDrafts.all();
+    }
+    res.json(drafts);
+  });
+
+  // List all email rules
+  app.get('/api/emails/rules', authMiddleware, (req, res) => {
+    res.json(stmts.getAllEmailRules.all());
+  });
+
+  // Create a rule
+  app.post('/api/emails/rules', authMiddleware, (req, res) => {
+    const { email, domain, sender_name, action, instructions, auto_respond_template, auto_respond_mode } = req.body;
+    if (!action) return res.status(400).json({ error: 'action required' });
+    if (!email && !domain) return res.status(400).json({ error: 'email or domain required' });
+
+    const info = stmts.insertEmailRule.run(
+      email || null, domain || null, sender_name || null,
+      action, instructions || '', auto_respond_template || '', auto_respond_mode || 'once'
+    );
+    res.json({ id: Number(info.lastInsertRowid), success: true });
+  });
+
+  // Update a rule
+  app.put('/api/emails/rules/:id', authMiddleware, (req, res) => {
+    const existing = stmts.getEmailRuleById.get(parseInt(req.params.id));
+    if (!existing) return res.status(404).json({ error: 'Rule not found' });
+
+    const { email, domain, sender_name, action, instructions, auto_respond_template, auto_respond_mode } = req.body;
+    stmts.updateEmailRule.run(
+      email ?? existing.email, domain ?? existing.domain,
+      sender_name ?? existing.sender_name, action ?? existing.action,
+      instructions ?? existing.instructions,
+      auto_respond_template ?? existing.auto_respond_template,
+      auto_respond_mode ?? existing.auto_respond_mode,
+      parseInt(req.params.id)
+    );
+    res.json({ success: true });
+  });
+
+  // Delete a rule
+  app.delete('/api/emails/rules/:id', authMiddleware, (req, res) => {
+    stmts.deleteEmailRule.run(parseInt(req.params.id));
+    res.json({ success: true });
+  });
+
+  // Action on a draft (approve/send/archive/edit)
+  app.put('/api/emails/:id/action', authMiddleware, async (req, res) => {
+    const draft = stmts.getEmailDraftById.get(parseInt(req.params.id));
+    if (!draft) return res.status(404).json({ error: 'Draft not found' });
+
+    const { action, edited_draft } = req.body;
+
+    if (action === 'send' || action === 'approve') {
+      const bodyToSend = edited_draft || draft.ai_draft || draft.body_text || '';
+      const account = draft.account || ACCOUNTS[0];
+      const accountId = ACCOUNT_MAP[account];
+
+      try {
+        const sendResp = await fetch(`${API_BASE}/send`, {
+          method: 'POST',
+          headers: { 'Content-Type': 'application/json' },
+          body: JSON.stringify({
+            to: draft.from_email || '',
+            subject: `Re: ${draft.subject || ''}`,
+            body: bodyToSend,
+            accountId,
+          }),
+          signal: AbortSignal.timeout(15000),
+        });
+        if (!sendResp.ok) throw new Error(`HTTP ${sendResp.status}: ${await sendResp.text()}`);
+        stmts.updateEmailDraftStatus.run('sent', 'approved-and-sent', 'sent', parseInt(req.params.id));
+        if (edited_draft) stmts.updateEmailDraftAiDraft.run(edited_draft, parseInt(req.params.id));
+        return res.json({ success: true, status: 'sent' });
+      } catch (err) {
+        emailLog('Send failed', { error: err.message });
+        return res.status(500).json({ error: 'Send failed: ' + err.message });
+      }
+    } else if (action === 'archive' || action === 'reject') {
+      stmts.updateEmailDraftStatus.run('archived', action, action, parseInt(req.params.id));
+      return res.json({ success: true, status: 'archived' });
+    } else if (action === 'edit') {
+      if (edited_draft) stmts.updateEmailDraftAiDraft.run(edited_draft, parseInt(req.params.id));
+      return res.json({ success: true });
+    } else {
+      return res.status(400).json({ error: 'Invalid action. Use: send, approve, archive, reject, edit' });
+    }
+  });
+
+  // List connected accounts
+  app.get('/api/emails/accounts', authMiddleware, (req, res) => {
+    res.json({ accounts: ACCOUNTS });
+  });
+
+  // Manually trigger poll
+  app.post('/api/emails/poll', authMiddleware, async (req, res) => {
+    try {
+      const results = await pollAllAccounts();
+      res.json({ success: true, results });
+    } catch (err) {
+      res.status(500).json({ error: err.message });
+    }
+  });
+
+  emailLog('Email Router routes mounted');
+}
+
+// ── Start / Stop ────────────────────────────────────────
+
+function startEmailRouter(app, authMiddleware) {
+  mountEmailRoutes(app, authMiddleware);
+
+  // Start periodic polling
+  pollTimer = setInterval(() => {
+    pollAllAccounts().catch(err => emailLog('Poll error', { error: err.message }));
+  }, POLL_INTERVAL_MS);
+
+  // Initial poll after 30 seconds (let server fully start)
+  setTimeout(() => {
+    pollAllAccounts().catch(err => emailLog('Initial poll error', { error: err.message }));
+  }, 30000);
+
+  emailLog('Email Router started', { accounts: ACCOUNTS, pollIntervalMs: POLL_INTERVAL_MS });
+}
+
+function stopEmailRouter() {
+  if (pollTimer) {
+    clearInterval(pollTimer);
+    pollTimer = null;
+  }
+  emailLog('Email Router stopped');
+}
+
+module.exports = { startEmailRouter, stopEmailRouter, pollAllAccounts };