afaik to generate those tokens, you configure a secret in an enviroment variable. You cannot generate tokens from looking at valid tokens within the database. Thus storing active tokens in the database is fine since you can always purge all active tokens as this post has also suggested.
Thank you for the detailed explanation :)