One could argue that this is against the idea of 2FA. In case you lose your device, you should simply use another with different token and delete the validity of the lost one.
Additionally, as 2FA is supposed to add an extra layer of security, having 2FA token and passwords stored in the same db is also not the best idea in that regard.