How to Protect Against SQL Injection Using Parameterized Query Binding in SQLAlchemy