You don't catch that error. Django does it for you: when you call form.is_valid()
, it calls each of the clean_field methods and catches any ValidationError exceptions, putting them into the form.errors attribute.
So, what you have is already fine.
Except for the major, huge, absolutely vital issue that you should never store passwords in plain text. Don't create your own standalone user class: inherit from AbstractBaseUser and use Django's built-in methods to create users and hash their passwords. You must not do it like this.