What is the _unit variable in the auto test file from the employer?

I want to get a job in one company and they sent me a test task of the following nature: to make an API for authentication. And along with this, they dropped the tests that this application should pass. For a very long time I was tormented by the fact that I would pull out a token from the request . It seems to be doing it, but now it gives an error that the _user not defined. Here is the test code and server file:

 'use strict' let assert = require('chai').assert let request = require('supertest-as-promised') let app = require('../../app') let email = 'integration_test_' + Math.floor(Date.now() / 1000) + '@wartech.ua' let password = 'test' let name = 'My name' describe('Authentication Controller', () => { it('should register a new user and return token', () => { let _token = null; return request(app) .post('/api/register') .send({ email, password, name }) .expect(201) .then((data) => { _token = data.body.token; assert.ok(_token); }); }); it('should login existing User', () => { let _token = null; return request(app) .post('/api/login') .send({ email, password }) .expect(200) .then((data) => { _token = data.body.token; assert.ok(_token); }); }); it('should return an error bad request if email is used', () => { return request(app) .post('/api/register') .send({ email, password, name}) .expect(400); }); it('should return an error bad request if email isn\'t specified', () => { return request(app) .post('/api/register') .send({ password, name }) .expect(400); }); it('should return an error bad request if password isn\'t specified', () => { return request(app) .post('/api/register') .send({ email, name }) .expect(400); }); }); describe('Profile controller', () => { let _token = null; before(() => { return request(app) .post('/api/login') .send({ email, password }) .then((data) => { _token = data.body.token; assert.ok(_token); }); }); it('should fetch the profile info of existing user', () => { return request(app) .get('/api/profile') .set('Authorization', 'Bearer ' + _token) .expect(200) .then((data) => { assert.equal(data.body.email, _user); }); }); it('should return an error when token is not specified', () => { return request(app) .get('/api/profile') .expect(401); }); }); 

And the application looks like this:

 'use strict'; //require packages let express = require('express'); let app = express(); let bodyParser = require('body-parser'); let morgan = require('morgan'); let mongoose = require('mongoose'); let jwt = require('jsonwebtoken'); let config = require('./config'); let User = require('./models/user'); let router = express.Router(); //connect database mongoose.connect(config.database); app.set('superSecret', config.secret); //configure express app.use(bodyParser.urlencoded({ extended: true })); app.use(bodyParser.json()); app.use(morgan('dev')); app.use('/api', router); //index route app.get('/', function(req, res) { res.send('Hello'); }); //user create route router.post('/register', function(req, res) { //search if user with this email exists User.findOne({ email: req.body.email }, function(err, user) { if (err) { console.log(err); } else if (user) { //provide status response if true res.status(400).json({ success: false, message: 'User with this email already exists' }); } else { //if email isn't provided - response with status code 400 if (!req.body.email) { res.status(400).json({ success: false, message: 'Email wasn\'t provided' }) } else { //if everything is ok create user and save User.create({ email: req.body.email, password: req.body.password, name: req.body.name }, function(err, newUser) { if (err) { console.log(err); } else { // create a token let token = jwt.sign(newUser, app.get('superSecret'), { expiresIn: "24h", // expires in 24 hours issuer: newUser.name }); // return the information including token as JSON res.status(201).json({ success: true, message: 'Register successful, token sent', token: token }); } }); } } }); }); router.post('/login', function(req, res) { // find the user User.findOne({ email: req.body.email }, function(err, user) { if (err) throw err; if (!user) { res.json({ success: false, message: 'Authentication failed. User not found.' }); } else if (user) { // check if password matches if (user.password != req.body.password) { res.json({ success: false, message: 'Authentication failed. Wrong password.' }); } else if (!req.body.email) { //check if email provided res.json({ success: false, message: 'Authentication failed. No email was provided. ' }); } else if (!req.body.email == user.email) { //check if email matches res.json({ success: false, message: 'Authentication failed. E-mail doesn\'t match. ' }); } // if user is found and password is right // create a token let token = jwt.sign(user, app.get('superSecret'), { expiresIn: "24h" // expires in 24 hours }); // return the information including token as JSON res.json({ success: true, message: 'Enjoy your token!', token: token }); } }); }); router.get('/profile', checkToken, function(req, res) { res.json({ name: req.decoded._doc.name, email: req.decoded._doc.email }) }); function checkToken(req, res, next) { console.log(req.headers['authorization']); var token = req.body.token || req.query.token || req.headers['authorization']; // decode token if (token) { // verifies secret and checks exp jwt.verify(token, app.get('superSecret'), function(err, decoded) { if (err) { return res.json({ success: false, message: 'Failed to authenticate token.' }); } else { // if everything is good, save to request for use in other routes req.decoded = decoded; next(); } }); } else { console.log('token not found'); // if there is no token // return an error return res.status(401).send({ success: false, message: 'No token provided.' }); } } app.listen(3000, function() { console.log('Server started'); }); module.exports = app; 

Help me understand how to define this variable? I can not even kill anything. Tests, as you understand, I can not touch. For the first time I work with authentication on tokens, I will be glad to help or advice.