multithreading - Isn't PHP multithreaded?

one text

The scenario is as follows:

Frontend (written in React) makes a request to my api gateway which forwards the request to the related service (another api call). User1 clicks a button B which is handled by MyController method myMethod in my API gateway and then another user, user2 clicks the same button B which is handled by the same controller and the same method. (I've tested that by opening two separate browsers for each user).

User 2 clicks the button right after user 1 clicks it. I noticed that if for user1 the execution takes say 15 seconds to complete, the execution for user 2 is blocked and it runs after execution for user 1 completes. I would not expect this to happen, it is like both requests are served by the same thread, and the execution is blocked.

And to be more precise that blocking method (in my API gateway) it makes a Http async request to an API. I thought the second call from user 2 will run in a different thread and it would return before user1 finishes!

The way I tested it after I noticed that it is blocking is that for the first user1 I've made the code so that it makes an API call and the method that serves it has a delay (using sleep()):

Route::middleware('auth:sanctum')->get('testCallSlow', function (){
    sleep(15);
    return json_encode('some result for user 1');
});

and then another endpoint for user 2:

Route::middleware('auth:sanctum')->get('testCall', function (){  
    return json_encode('some result for user 2');
});

Is this the right behavior? Will it be different when deployed on a real server?

I was wandering whether on a real server threading will be handled differently.

I thought to ask before I go with RabbitMQ. Has anyone faced the same issue?

My development environment is Xamp, Apache, and everything is hosted through apache (virtualhost) I am NOT using php artisan serve (I did initially and I thought that may be the problem since local development server might well be a simplified version running on a single thread).

frontEnd calls API gateway on this method (both users):

public function userDetails(Request $request)
{
    // check user has no permission to proceed, if not return 403
    if (!$this->permissionService->userCanAccess(auth()->user(), Microservice::RESCOM_MSERVICE_ID))
    {
        return response()->json(['message' => 'user does not have permission to access the requested resource.'])->setStatusCode(403);
    }
$rescom_token = $this->getSessionToken(); // writes token to session the 1st time, any susequent calls only read.

    // proceed with call to rescom api
    $url = 'http://rescom.io/api/testCall';

    // This -if is only put here for testing two different users, 
   // each user's request is forwarded to different endpoints (see 
    // actual end points above)
    if (auth()->user()->id == 2)
    {
        $url = 'http://rescom.io/api/testCallSlow';
    }

    try
    {
        $body = '';
        $promise = Http::withToken($rescom_token)->async()->get($url)->then(function($response) use (& $body)
        {
            $body = $response->body();
        });

        $promise->wait();

        return $body;
    }
    catch (\Exception $e)
    {
        return \response()->json($e->getMessage());
    }
}

Source