...but surely the 2FA alerts should go to a device OTHER than the one you are trying to access? Otherwise what is the point? If someone steals my Mac they get unfettered access to my Apple account. 2FA does nothing to help...but it should!
The alerts go to all devices associated with the AppleID. Given that Apple has pretty good security available on iPhones, whether by fingerprint or facial recognition, the design of the system is that if someone from some OTHER device tries to log into your AppleID account the alert will be sent to your iPhone, which you can see because YOU can unlock it while nobody else can. As for just opening the phone, I've never had to provide an AppleID to do that, just my fingerprint or face. So no 2FA goes to the device to let me log into it, only when I use it, or some other device, to access a function that DOES require AppleID.
To address the exact scenario of someone stealing your Mac, when they try to log in they won't be able to because of your login password. (You do have a password, right?) So they cannot get to your Apple ID or the associated account because they cannot get into your Mac. When you lock down your Mac through your AppleID (assuming you do that) they won't be able to see the code because all they can see is the login screen. Now, if you are so unlucky that they steal your Mac before it locks down for inactivity AND you have your AppleID stored on the Mac, AND you don't notice in time before they try to change your AppleID password, and they do that before the timer for locking down the screen occurs, the first indicator of an issue for you will be the message on your other devices associated with the AppleID that "your" attempt to change the password requires 2FA, which is an alert that something is amiss. But those circumstances can easily be avoided by having a fairly short setting for how long before the password is required. I have mine set for 5 minutes when I'm at home, and move it to even shorter when I travel with it. Basically, if I turn my back and a thief grabs the MBP from in front of me, the miscreant has less than a minute to get into it before it locks.
Now, you might wonder about what if someone steals your iPhone? Well, if you have taken the routine security steps to have a passcode, fingerprint, facial recognition set up then that thief cannot get into your iPhone. If you now use a different device to lock down that iPhone, or use Find My Phone, they might see the code on the lock screen (I'm not sure about that) but even so, they can't use it because they can't open the iPhone itself.
So, the point you raise is not really an issue, mostly because the 2FA is not protecting the device itself, but the AppleID account. The device is protected by your login and security settings on the device. The combination of the two provides pretty good security, if you use it.
Lately, when the text comes in with the 2FA code, it's been automatically filling in the code, if I am using it, because I unlocked it with the proper security, so having 2FA is even easier to use.