Two - factor authentication

No, Apple doesn't do that.

See the following from Two-factor authentication for Apple ID https://support.apple.com/en-us/HT204915

When you sign in on a new device, you’ll get a notification on your other trusted devices that includes a map showing the approximate location of the new device. This is an approximate location based on the IP address the device is currently using, rather than the exact location of the device. The location shown might reflect the network you're connected to, and not your physical location.

If you know you’re the person trying to sign in but you don’t recognize the location shown, you can still tap Allow and continue signing in. However, if you ever see a notification that your Apple ID is being used to sign in on a new device and you're not the one signing in, tap Don’t Allow to block the sign in attempt.

In this regard, Check your Apple ID device list (https://support.apple.com/en-us/HT205064) and remove any device that shouldn't be signed in using the steps in the link.

If there are none that shouldn’t be signed in, then you should not have a problem at this point. But, if an unauthorized device is signed in, Change your Apple ID password https://support.apple.com/en-us/HT201355 

Here is What to do after you change your Apple ID or password https://support.apple.com/en-us/HT204071

Someone may be trying to sign your Apple ID, which would generate the request for a verification code. Since you have 2 Factor Authentication enabled, as long as they can't access one of your trusted devices, they can't get a code, and sign in. You should be okay.

I am not sure. I looked back. You actually got a code without taking any action to allow the sign in attempt?

And, you didn't accidentally allow someone else to sign in?

Me too. I'll think some more about why and get back to you if I think of something. Be safe.