Essentials

Routing

Define routes with closures, controllers, groups, and attributes

Glueful’s router supports explicit route files, route groups, middleware, named routes, and PHP attributes.

Most applications start with routes/api.php in glueful/api-skeleton.

Basic Routes

use Glueful\Http\Response;

$router->get('/welcome', function () {
    return Response::success(['message' => 'Welcome']);
});

$router->get('/users', [UserController::class, 'index']);
$router->post('/users', [UserController::class, 'store']);

HTTP Methods

$router->get('/users', ...);
$router->post('/users', ...);
$router->put('/users/{id}', ...);
$router->delete('/users/{id}', ...);
$router->head('/status', ...);

Route Parameters

$router->get('/users/{id}', function (int $id) {
    return Response::success(['id' => $id]);
});

Parameter Constraints

$router->get('/users/{id}', [UserController::class, 'show'])
    ->where('id', '\d+');

$router->get('/posts/{year}/{month}', [PostController::class, 'index'])
    ->where([
        'year' => '\d{4}',
        'month' => '\d{2}',
    ]);

Route Groups

Groups are the normal way to organize versioned APIs:

use Glueful\Routing\Router;

$router->group(['prefix' => 'v1'], function (Router $router) {
    $router->get('/users', [UserController::class, 'index']);
    $router->post('/users', [UserController::class, 'store']);
});

That produces:

  • GET /v1/users
  • POST /v1/users

Group Middleware

$router->group([
    'prefix' => 'v1/admin',
    'middleware' => ['auth']
], function (Router $router) {
    $router->get('/dashboard', [AdminController::class, 'dashboard']);
});

Route Middleware

$router->get('/profile', [ProfileController::class, 'show'])
    ->middleware('auth');

$router->post('/upload', [UploadController::class, 'store'])
    ->middleware(['auth', 'rate_limit:10,60']);

Common middleware you will see in the framework:

  • auth
  • csrf
  • rate_limit:attempts,window

Named Routes

Routes can be named:

$route = $router->get('/users/{id}', [UserController::class, 'show'])
    ->where('id', '\d+')
    ->name('users.show');

To generate a URL, use the route object:

$url = $route->generateUrl(['id' => 123]);
// /users/123

Controller Resolution

When you register [Controller::class, 'method'], the router resolves the controller through the container. That means constructor injection works as long as the controller is container-resolvable.

In the API skeleton, app providers are enabled through config/serviceproviders.php and implemented in app/Providers.

Attribute Routing

Glueful also supports attributes.

Class-level prefix:

use Glueful\Routing\Attributes\Controller;
use Glueful\Routing\Attributes\Get;
use Glueful\Http\Response;

#[Controller(prefix: '/v1/users')]
class UserController
{
    #[Get('/{id}', where: ['id' => '\d+'])]
    public function show(int $id): Response
    {
        return Response::success(['id' => $id]);
    }
}

Generic route attribute:

use Glueful\Routing\Attributes\Route;

class HealthController
{
    #[Route('/healthz', methods: 'GET', name: 'healthz')]
    public function index(): Response
    {
        return Response::success(['ok' => true]);
    }
}

Route Cache Commands

The currently documented route-cache commands are:

php glueful route:cache:status
php glueful route:cache:clear

Do not rely on a route:cache command unless it has been added to your installed framework version.

Core concepts

Core concepts you'll use every day

Authentication

Built-in authentication endpoints, token flows, and how to extend them